Changeset 11110 for trunk/wp-admin/sidebar.php

Timestamp:

04/28/2009 06:37:51 AM (17 years ago)

Author:

ryan

Message:

attr escaping. see #9650

File:

• trunk/wp-admin/sidebar.php (modified) (2 diffs)

trunk/wp-admin/sidebar.php

@@ -89 +89 @@
 <div>
 <input type="hidden" name="action" value="post" />
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo attr($user_ID) ?>" />
 <input type="hidden" name="mode" value="sidebar" />
-<input type="hidden" name="ping_status" value="<?php echo $post->ping_status; ?>" />
-<input type="hidden" name="comment_status" value="<?php echo $post->comment_status; ?>" />
+<input type="hidden" name="ping_status" value="<?php echo attr($post->ping_status); ?>" />
+<input type="hidden" name="comment_status" value="<?php echo attr($post->comment_status); ?>" />
 <?php wp_nonce_field('add-post');
 
@@ -117 +117 @@
 
 <p>
-<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php _e('Save as Draft'); ?>" />
+<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php _ea('Save as Draft'); ?>" />
 <?php if ( current_user_can('publish_posts') ) : ?>
-<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php _e('Publish') ?>" class="button button-highlighted" />
+<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php _ea('Publish') ?>" class="button button-highlighted" />
 <?php endif; ?>
 </p>