WordPress.org

Make WordPress Core

Changeset 11120


Ignore:
Timestamp:
04/29/09 16:20:14 (5 years ago)
Author:
ryan
Message:

urlencode referrer. Props hakre. fixes #8587

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-form-comment.php

    r11109 r11120  
    7070<div id="major-publishing-actions"> 
    7171<div id="delete-action"> 
    72 <?php echo "<a class='submitdelete deletion' href='" . wp_nonce_url("comment.php?action=deletecomment&amp;c=$comment->comment_ID&amp;_wp_original_http_referer=" . wp_get_referer(), 'delete-comment_' . $comment->comment_ID) . "' onclick=\"if ( confirm('" . js_escape(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ){return true;}return false;\">" . __('Delete') . "</a>\n"; ?> 
     72<?php echo "<a class='submitdelete deletion' href='" . wp_nonce_url("comment.php?action=deletecomment&amp;c=$comment->comment_ID&amp;_wp_original_http_referer=" . urlencode(wp_get_referer()), 'delete-comment_' . $comment->comment_ID) . "' onclick=\"if ( confirm('" . js_escape(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ){return true;}return false;\">" . __('Delete') . "</a>\n"; ?> 
    7373</div> 
    7474<div id="publishing-action"> 
     
    131131<input type="hidden" name="c" value="<?php echo attr($comment->comment_ID) ?>" /> 
    132132<input type="hidden" name="p" value="<?php echo attr($comment->comment_post_ID) ?>" /> 
    133 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" /> 
     133<input name="referredby" type="hidden" id="referredby" value="<?php echo attr(clean_url(stripslashes(wp_get_referer()))); ?>" /> 
    134134<?php wp_original_referer_field(true, 'previous'); ?> 
    135135<input type="hidden" name="noredir" value="1" /> 
Note: See TracChangeset for help on using the changeset viewer.