Make WordPress Core


Ignore:
Timestamp:
05/04/2009 05:54:08 PM (15 years ago)
Author:
ryan
Message:

Attr escaping

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/import/livejournal.php

    r11150 r11173  
    182182        <?php wp_nonce_field( 'lj-api-import' ) ?>
    183183        <?php if ( get_option( 'ljapi_username' ) && get_option( 'ljapi_password' ) ) : ?>
    184             <input type="hidden" name="step" value="<?php echo get_option( 'ljapi_step' ) ?>" />
     184            <input type="hidden" name="step" value="<?php echo attr( get_option( 'ljapi_step' ) ) ?>" />
    185185            <p><?php _e( 'It looks like you attempted to import your LiveJournal posts previously and got interrupted.' ) ?></p>
    186186            <p class="submit">
    187                 <input type="submit" class="button-primary" value="<?php echo attr( __( 'Continue previous import' ) ) ?>" />
     187                <input type="submit" class="button-primary" value="<?php _ea( 'Continue previous import' ) ?>" />
    188188            </p>
    189189            <p class="submitbox"><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attr( $_SERVER['REQUEST_URI'] )) ?>" class="deletion submitdelete"><?php _e( 'Cancel &amp; start a new import' ) ?></a></p>
     
    224224
    225225            <p class="submit">
    226                 <input type="submit" class="button-primary" value="<?php echo attr( __( 'Connect to LiveJournal and Import' ) ) ?>" />
     226                <input type="submit" class="button-primary" value="<?php _ea( 'Connect to LiveJournal and Import' ) ?>" />
    227227            </p>
    228228
     
    817817            <?php wp_nonce_field( 'lj-api-import' ) ?>
    818818            <input type="hidden" name="step" id="step" value="1" />
    819             <p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
     819            <p><input type="submit" class="button-primary" value="<?php _ea( 'Import the next batch' ) ?>" /> <span id="auto-message"></span></p>
    820820            </form>
    821821            <?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
     
    867867            <?php wp_nonce_field( 'lj-api-import' ) ?>
    868868            <input type="hidden" name="step" id="step" value="2" />
    869             <p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
     869            <p><input type="submit" class="button-primary" value="<?php _ea( 'Import the next batch' ) ?>" /> <span id="auto-message"></span></p>
    870870            </form>
    871871            <?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
     
    942942        $str .= wp_nonce_field( 'lj-api-import', '_wpnonce', true, false );
    943943        $str .= wp_referer_field( false );
    944         $str .= '<input type="hidden" name="step" id="step" value="' . $next_step . '" />';
     944        $str .= '<input type="hidden" name="step" id="step" value="' . attr($next_step) . '" />';
    945945        $str .= '<p><input type="submit" class="button-primary" value="' . attr( $label ) . '" /> <span id="auto-message"></span></p>';
    946946        $str .= '</form>';
Note: See TracChangeset for help on using the changeset viewer.