Changeset 11173 for trunk/wp-includes/post-template.php

Timestamp:

05/04/2009 05:54:08 PM (17 years ago)

Author:

ryan

Message:

Attr escaping

File:

• trunk/wp-includes/post-template.php (modified) (3 diffs)

trunk/wp-includes/post-template.php

@@ -708 +708 @@
             $output .= "\t<option value=\"-1\">$show_option_no_change</option>";
         if ( $show_option_none )
-            $output .= "\t<option value=\"$option_none_value\">$show_option_none</option>\n";
+            $output .= "\t<option value=\"" . attr($option_none_value) . "\">$show_option_none</option>\n";
         $output .= walk_page_dropdown_tree($pages, $depth, $r);
         $output .= "</select>\n";
@@ -1135 +1135 @@
     $output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post">
     <p>' . __("This post is password protected. To view it please enter your password below:") . '</p>
-    <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . __("Submit") . '" /></p>
+    <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . _a("Submit") . '" /></p>
     </form>
     ';
@@ -1317 +1317 @@
 <div class="tablenav">
     <div class="alignleft">
-        <input type="submit" class="button-secondary" value="<?php _e( 'Compare Revisions' ); ?>" />
+        <input type="submit" class="button-secondary" value="<?php _ea( 'Compare Revisions' ); ?>" />
         <input type="hidden" name="action" value="diff" />
     </div>