Changeset 11173 for trunk/wp-content/themes/classic/comments-popup.php

Timestamp:

05/04/2009 05:54:08 PM (16 years ago)

Author:

ryan

Message:

Attr escaping

File:

• trunk/wp-content/themes/classic/comments-popup.php (modified) (2 diffs)

trunk/wp-content/themes/classic/comments-popup.php

@@ -68 +68 @@
 <?php else : ?>
     <p>
-      <input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
+      <input type="text" name="author" id="author" class="textarea" value="<?php echo attr($comment_author); ?>" size="28" tabindex="1" />
        <label for="author"><?php _e("Name"); ?></label>
     </p>
 
     <p>
-      <input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="28" tabindex="2" />
+      <input type="text" name="email" id="email" value="<?php echo attr($comment_author_email); ?>" size="28" tabindex="2" />
        <label for="email"><?php _e("E-mail"); ?></label>
     </p>
 
     <p>
-      <input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="28" tabindex="3" />
+      <input type="text" name="url" id="url" value="<?php echo attr($comment_author_url); ?>" size="28" tabindex="3" />
        <label for="url"><?php _e("<abbr title=\"Universal Resource Locator\">URL</abbr>"); ?></label>
     </p>
@@ -92 +92 @@
       <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
       <input type="hidden" name="redirect_to" value="<?php echo attr($_SERVER["REQUEST_URI"]); ?>" />
-      <input name="submit" type="submit" tabindex="5" value="<?php _e("Say It!"); ?>" />
+      <input name="submit" type="submit" tabindex="5" value="<?php _ea("Say It!"); ?>" />
     </p>
     <?php do_action('comment_form', $post->ID); ?>