Changeset 11110 for trunk/wp-admin/edit.php

Timestamp:

04/28/2009 06:37:51 AM (16 years ago)

Author:

ryan

Message:

attr escaping. see #9650

File:

• trunk/wp-admin/edit.php (modified) (6 diffs)

trunk/wp-admin/edit.php

@@ -167 +167 @@
     <label class="hidden" for="post-search-input"><?php _e( 'Search Posts' ); ?>:</label>
     <input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
-    <input type="submit" value="<?php _e( 'Search Posts' ); ?>" class="button" />
+    <input type="submit" value="<?php _ea( 'Search Posts' ); ?>" class="button" />
 </p>
 
@@ -173 +173 @@
 <input type="hidden" name="post_status" value="<?php echo attr($_GET['post_status']) ?>" />
 <?php endif; ?>
-<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
+<input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
 
 <?php if ( have_posts() ) { ?>
@@ -196 +196 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
 <?php wp_nonce_field('bulk-posts'); ?>
 
@@ -223 +223 @@
         $default = '';
 
-    echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>";
+    echo "<option$default value='" . attr("$arc_row->yyear$arc_row->mmonth") . "'>";
     echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
     echo "</option>\n";
@@ -237 +237 @@
 do_action('restrict_manage_posts');
 ?>
-<input type="submit" id="post-query-submit" value="<?php _e('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
 
 <?php } ?>
@@ -276 +276 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" value="<?php _e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
 <br class="clear" />
 </div>