Timestamp:
05/05/2009 07:43:53 PM (15 years ago)
Author:
markjaquith
Message:

_a(), _ea(), _xa(), attr() are now esc_attr(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

File:
1 edited

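--- a/trunk/wp-admin/edit-comments.php
+++ b/trunk/wp-admin/edit-comments.php
@@ -84,5 +84,5 @@
 require_once('admin-header.php');
 
-$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : attr($_GET['mode']);
+$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : esc_attr($_GET['mode']);
 
 $default_status = get_user_option('edit_comments_last_view');
@@ -95,8 +95,8 @@
     update_usermeta($current_user->ID, 'edit_comments_last_view', $comment_status);
 
-$comment_type = !empty($_GET['comment_type']) ? attr($_GET['comment_type']) : '';
+$comment_type = !empty($_GET['comment_type']) ? esc_attr($_GET['comment_type']) : '';
 
 $search_dirty = ( isset($_GET['s']) ) ? $_GET['s'] : '';
-$search = attr( $search_dirty ); ?>
+$search = esc_attr( $search_dirty ); ?>
 
 <div class="wrap">
@@ -165,5 +165,5 @@
     // I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark
     if ( !empty( $_GET['s'] ) )
-        $link = add_query_arg( 's', attr( stripslashes( $_GET['s'] ) ), $link );
+        $link = add_query_arg( 's', esc_attr( stripslashes( $_GET['s'] ) ), $link );
     */
     $status_links[] = "<li class='$status'><a href='$link'$class>" . sprintf(
@@ -183,5 +183,5 @@
     <label class="invisible" for="comment-search-input"><?php _e( 'Search Comments' ); ?>:</label>
     <input type="text" id="comment-search-input" name="s" value="<?php _admin_search_query(); ?>" />
-    <input type="submit" value="<?php _ea( 'Search Comments' ); ?>" class="button" />
+    <input type="submit" value="<?php esc_attr_e( 'Search Comments' ); ?>" class="button" />
 </p>
 
@@ -225,10 +225,10 @@
 ?>
 
-<input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
+<input type="hidden" name="mode" value="<?php echo esc_attr($mode); ?>" />
 <?php if ( $post_id ) : ?>
-<input type="hidden" name="p" value="<?php echo attr( intval( $post_id ) ); ?>" />
-<?php endif; ?>
-<input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" />
-<input type="hidden" name="pagegen_timestamp" value="<?php echo attr(current_time('mysql', 1)); ?>" />
+<input type="hidden" name="p" value="<?php echo esc_attr( intval( $post_id ) ); ?>" />
+<?php endif; ?>
+<input type="hidden" name="comment_status" value="<?php echo esc_attr($comment_status); ?>" />
+<input type="hidden" name="pagegen_timestamp" value="<?php echo esc_attr(current_time('mysql', 1)); ?>" />
 
 <div class="tablenav">
@@ -241,7 +241,7 @@
     $page_links
 ); echo $page_links_text; ?></div>
-<input type="hidden" name="_total" value="<?php echo attr($total); ?>" />
-<input type="hidden" name="_per_page" value="<?php echo attr($comments_per_page); ?>" />
-<input type="hidden" name="_page" value="<?php echo attr($page); ?>" />
+<input type="hidden" name="_total" value="<?php echo esc_attr($total); ?>" />
+<input type="hidden" name="_per_page" value="<?php echo esc_attr($comments_per_page); ?>" />
+<input type="hidden" name="_page" value="<?php echo esc_attr($page); ?>" />
 <?php endif; ?>
 
@@ -260,5 +260,5 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" name="doaction" id="doaction" value="<?php _ea('Apply'); ?>" class="button-secondary apply" />
+<input type="submit" name="doaction" id="doaction" value="<?php esc_attr_e('Apply'); ?>" class="button-secondary apply" />
 <?php wp_nonce_field('bulk-comments'); ?>
 
@@ -272,5 +272,5 @@
 
     foreach ( $comment_types as $type => $label ) {
-        echo "  <option value='" . attr($type) . "'";
+        echo "  <option value='" . esc_attr($type) . "'";
         selected( $comment_type, $type );
         echo ">$label</option>\n";
@@ -278,8 +278,8 @@
 ?>
 </select>
-<input type="submit" id="post-query-submit" value="<?php _ea('Filter'); ?>" class="button-secondary" />
+<input type="submit" id="post-query-submit" value="<?php esc_attr_e('Filter'); ?>" class="button-secondary" />
 
 <?php if ( isset($_GET['apage']) ) { ?>
-    <input type="hidden" name="apage" value="<?php echo attr( absint( $_GET['apage'] ) ); ?>" />
+    <input type="hidden" name="apage" value="<?php echo esc_attr( absint( $_GET['apage'] ) ); ?>" />
 <?php }
 
@@ -287,5 +287,5 @@
     wp_nonce_field('bulk-spam-delete', '_spam_nonce');
         if ( current_user_can ('moderate_comments')) { ?>
-        <input type="submit" name="delete_all_spam" value="<?php _ea('Delete All Spam'); ?>" class="button-secondary apply" />
+        <input type="submit" name="delete_all_spam" value="<?php esc_attr_e('Delete All Spam'); ?>" class="button-secondary apply" />
 <?php   }
 } ?>
@@ -347,8 +347,8 @@
 <option value="delete"><?php _e('Delete'); ?></option>
 </select>
-<input type="submit" name="doaction2" id="doaction2" value="<?php _ea('Apply'); ?>" class="button-secondary apply" />
+<input type="submit" name="doaction2" id="doaction2" value="<?php esc_attr_e('Apply'); ?>" class="button-secondary apply" />
 
 <?php if ( 'spam' == $comment_status ) { ?>
-<input type="submit" name="delete_all_spam2" value="<?php _ea('Delete All Spam'); ?>" class="button-secondary apply" />
+<input type="submit" name="delete_all_spam2" value="<?php esc_attr_e('Delete All Spam'); ?>" class="button-secondary apply" />
 <?php } ?>
 <?php do_action('manage_comments_nav', $comment_status); ?>
@@ -361,10 +361,10 @@
 
 <form id="get-extra-comments" method="post" action="" class="add:the-extra-comment-list:" style="display: none;">
-    <input type="hidden" name="s" value="<?php echo attr($search); ?>" />
-    <input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
-    <input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" />
+    <input type="hidden" name="s" value="<?php echo esc_attr($search); ?>" />
+    <input type="hidden" name="mode" value="<?php echo esc_attr($mode); ?>" />
+    <input type="hidden" name="comment_status" value="<?php echo esc_attr($comment_status); ?>" />
     <input type="hidden" name="page" value="<?php echo isset($_REQUEST['page']) ? absint( $_REQUEST['page'] ) : 1; ?>" />
-    <input type="hidden" name="p" value="<?php echo attr( $post_id ); ?>" />
-    <input type="hidden" name="comment_type" value="<?php echo attr( $comment_type ); ?>" />
+    <input type="hidden" name="p" value="<?php echo esc_attr( $post_id ); ?>" />
+    <input type="hidden" name="comment_type" value="<?php echo esc_attr( $comment_type ); ?>" />
     <?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?>
 </form>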
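Review bot: At new lines 86, 97 and 100, `$mode`, `$comment_type` and `$search` are attribute-escaped as they are read from `$_GET`, and the same variables are escaped again where they are printed (227, 363–368), so in between they hold HTML-encoded text rather than the request value. `$comment_type` is then compared with the raw `$type` keys in `selected( $comment_type, $type )` at 275, and any non-HTML use outside these hunks would presumably receive the encoded form as well. I would keep the request values raw (or, if `$mode` takes a fixed set of values, validate it against that set) and leave `esc_attr()` only at the echo sites, after checking that no output outside these hunks relies on the early escaping; a comment such as `// raw request value: escape with esc_attr() at output only` on those three assignments would record the rule. Separately, the commented-out line 167 passes `esc_attr()` output into a query argument, which is a URL context rather than an attribute context, and `$link` is interpolated into `href='$link'` at 169 with no escaping visible in this hunk.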