Timestamp:
04/28/2009 06:37:51 AM (16 years ago)
Author:
ryan
Message:

attr escaping. see #9650

File:
1 edited

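--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -74,7 +74,7 @@
 <div id="save-action">
 <?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status )  { ?>
-<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php echo attr( __('Save Draft') ); ?>" tabindex="4" class="button button-highlighted" />
+<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php _ea('Save Draft'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?>
-<input type="submit" name="save" id="save-post" value="<?php echo attr( __('Save as Pending') ); ?>" tabindex="4" class="button button-highlighted" />
+<input type="submit" name="save" id="save-post" value="<?php _ea('Save as Pending'); ?>" tabindex="4" class="button button-highlighted" />
 <?php } ?>
 </div>
@@ -125,5 +125,5 @@
 
 <div id="post-status-select" class="hide-if-js">
-<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo $post->post_status; ?>" />
+<input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo attr($post->post_status); ?>" />
 <select name='post_status' id='post_status' tabindex='4'>
 <?php if ( 'publish' == $post->post_status ) : ?>
@@ -229,17 +229,17 @@
 <?php if ( $can_publish ) : ?>
     <?php if ( !empty($post->post_date_gmt) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Schedule') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Schedule') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Schedule') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Schedule') ?>" />
     <?php else : ?>
-        <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Publish') ?>" />
-        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Publish') ?>" />
+        <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Publish') ?>" />
+        <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Publish') ?>" />
     <?php endif; ?>
 <?php else : ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Submit for Review') ?>" />
-    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Submit for Review') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Submit for Review') ?>" />
+    <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Submit for Review') ?>" />
 <?php endif; ?>
 <?php } else { ?>
-    <input name="original_publish" type="hidden" id="original_publish" value="<?php _e('Update Page') ?>" />
-    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _e('Update Page') ?>" />
+    <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Update Page') ?>" />
+    <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Update Page') ?>" />
 <?php } ?>
 </div>
@@ -294,5 +294,5 @@
 ?>
 <h5><?php _e('Order') ?></h5>
-<p><label class="hidden" for="menu_order"><?php _e('Page Order') ?></label><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo $post->menu_order ?>" /></p>
+<p><label class="hidden" for="menu_order"><?php _e('Page Order') ?></label><input name="menu_order" type="text" size="4" id="menu_order" value="<?php echo attr($post->menu_order) ?>" /></p>
 <p><?php _e('Pages are usually ordered alphabetically, but you can put a number above to change the order pages appear in. (We know this is a little janky, it&#8217;ll be better in future releases.)'); ?></p>
 <?php
@@ -418,10 +418,10 @@
 ?>
 <input type="hidden" id="user-id" name="user_ID" value="<?php echo $user_ID ?>" />
-<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
-<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
+<input type="hidden" id="hiddenaction" name="action" value='<?php echo attr($form_action) ?>' />
+<input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" />
 <input type="hidden" id="post_author" name="post_author" value="<?php echo attr( $post->post_author ); ?>" />
 <?php echo $form_extra ?>
-<input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
-<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
+<input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" />
+<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" />
 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
 <?php if ( 'draft' != $post->post_status ) wp_original_referer_field(true, 'previous'); ?>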
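Review bot: In the last hunk, the `user-id` input at line 419 still prints `value="<?php echo $user_ID ?>"` raw, while every neighbouring hidden field now goes through `attr()`. `$user_ID` is presumably the current user's integer id, so the practical exposure is likely low, but writing it as `value="<?php echo attr( $user_ID ); ?>"` keeps the form uniform and removes the dependence on that assumption. `<?php echo $form_extra ?>` at line 423 is also emitted unescaped; it appears to be markup assembled earlier in the file, outside the lines shown here, so it is worth confirming that any values interpolated into it are escaped at the point where it is built.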