Changeset 11204 for trunk/wp-admin/edit-form-advanced.php
- Timestamp:
- 05/05/2009 07:43:53 PM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/edit-form-advanced.php
r11203 r11204 34 34 $form_action = 'post'; 35 35 $temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post() 36 $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='" . attr($temp_ID) . "' />";36 $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='" . esc_attr($temp_ID) . "' />"; 37 37 $autosave = false; 38 38 } else { 39 39 $form_action = 'editpost'; 40 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='" . attr($post_ID) . "' />";40 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='" . esc_attr($post_ID) . "' />"; 41 41 $autosave = wp_get_post_autosave( $post_ID ); 42 42 … … 73 73 <?php // Hidden submit button early on so that the browser chooses the right button when form is submitted with Return key ?> 74 74 <div style="display:none;"> 75 <input type="submit" name="save" value="<?php _ea('Save'); ?>" />75 <input type="submit" name="save" value="<?php esc_attr_e('Save'); ?>" /> 76 76 </div> 77 77 … … 79 79 <div id="save-action"> 80 80 <?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status ) { ?> 81 <input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php _ea('Save Draft'); ?>" tabindex="4" class="button button-highlighted" />81 <input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php esc_attr_e('Save Draft'); ?>" tabindex="4" class="button button-highlighted" /> 82 82 <?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?> 83 <input type="submit" name="save" id="save-post" value="<?php _ea('Save as Pending'); ?>" tabindex="4" class="button button-highlighted" />83 <input type="submit" name="save" id="save-post" value="<?php esc_attr_e('Save as Pending'); ?>" tabindex="4" class="button button-highlighted" /> 84 84 <?php } ?> 85 85 </div> … … 130 130 131 131 <div id="post-status-select" class="hide-if-js"> 132 <input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo attr($post->post_status); ?>" />132 <input type="hidden" name="hidden_post_status" id="hidden_post_status" value="<?php echo esc_attr($post->post_status); ?>" /> 133 133 <select name='post_status' id='post_status' tabindex='4'> 134 134 <?php if ( 'publish' == $post->post_status ) : ?> … … 170 170 171 171 <div id="post-visibility-select" class="hide-if-js"> 172 <input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo attr($post->post_password); ?>" />172 <input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo esc_attr($post->post_password); ?>" /> 173 173 <input type="checkbox" style="display:none" name="hidden_post_sticky" id="hidden-post-sticky" value="sticky" <?php checked(is_sticky($post->ID)); ?> /> 174 <input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo attr( $visibility ); ?>" />174 <input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo esc_attr( $visibility ); ?>" /> 175 175 176 176 … … 178 178 <span id="sticky-span"><input id="sticky" name="sticky" type="checkbox" value="sticky" <?php checked(is_sticky($post->ID)); ?> tabindex="4" /> <label for="sticky" class="selectit"><?php _e('Stick this post to the front page') ?></label><br /></span> 179 179 <input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e('Password protected'); ?></label><br /> 180 <span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo attr($post->post_password); ?>" /><br /></span>180 <span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo esc_attr($post->post_password); ?>" /><br /></span> 181 181 <input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e('Private'); ?></label><br /> 182 182 … … 239 239 if ( current_user_can('publish_posts') ) : 240 240 if ( !empty($post->post_date_gmt) && time() < strtotime( $post->post_date_gmt . ' +0000' ) ) : ?> 241 <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Schedule') ?>" />242 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Schedule') ?>" />241 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e('Schedule') ?>" /> 242 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php esc_attr_e('Schedule') ?>" /> 243 243 <?php else : ?> 244 <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Publish') ?>" />245 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Publish') ?>" />244 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e('Publish') ?>" /> 245 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php esc_attr_e('Publish') ?>" /> 246 246 <?php endif; 247 247 else : ?> 248 <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Submit for Review') ?>" />249 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Submit for Review') ?>" />248 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e('Submit for Review') ?>" /> 249 <input name="publish" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php esc_attr_e('Submit for Review') ?>" /> 250 250 <?php 251 251 endif; 252 252 } else { ?> 253 <input name="original_publish" type="hidden" id="original_publish" value="<?php _ea('Update Post') ?>" />254 <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php _ea('Update Post') ?>" />253 <input name="original_publish" type="hidden" id="original_publish" value="<?php esc_attr_e('Update Post') ?>" /> 254 <input name="save" type="submit" class="button-primary" id="publish" tabindex="5" accesskey="p" value="<?php esc_attr_e('Update Post') ?>" /> 255 255 <?php 256 256 } ?> … … 272 272 */ 273 273 function post_tags_meta_box($post, $box) { 274 $tax_name = attr(substr($box['id'], 8));274 $tax_name = esc_attr(substr($box['id'], 8)); 275 275 $taxonomy = get_taxonomy($tax_name); 276 $helps = isset($taxonomy->helps) ? attr($taxonomy->helps) : __('Separate tags with commas.');276 $helps = isset($taxonomy->helps) ? esc_attr($taxonomy->helps) : __('Separate tags with commas.'); 277 277 ?> 278 278 <div class="tagsdiv" id="<?php echo $tax_name; ?>"> … … 280 280 <div class="nojs-tags hide-if-js"> 281 281 <p><?php _e('Add or remove tags'); ?></p> 282 <textarea name="<?php echo "tax_input[$tax_name]"; ?>" class="the-tags" id="tax-input[<?php echo $tax_name; ?>]"><?php echo attr(get_terms_to_edit( $post->ID, $tax_name )); ?></textarea></div>282 <textarea name="<?php echo "tax_input[$tax_name]"; ?>" class="the-tags" id="tax-input[<?php echo $tax_name; ?>]"><?php echo esc_attr(get_terms_to_edit( $post->ID, $tax_name )); ?></textarea></div> 283 283 284 284 <span class="ajaxtag hide-if-no-js"> 285 285 <label class="invisible" for="new-tag-<?php echo $tax_name; ?>"><?php echo $box['title']; ?></label> 286 <input type="text" id="new-tag-<?php echo $tax_name; ?>" name="newtag[<?php echo $tax_name; ?>]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _ea('Add new tag'); ?>" />287 <input type="button" class="button tagadd" value="<?php _ea('Add'); ?>" tabindex="3" />286 <input type="text" id="new-tag-<?php echo $tax_name; ?>" name="newtag[<?php echo $tax_name; ?>]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php esc_attr_e('Add new tag'); ?>" /> 287 <input type="button" class="button tagadd" value="<?php esc_attr_e('Add'); ?>" tabindex="3" /> 288 288 </span></div> 289 289 <p class="howto"><?php echo $helps; ?></p> … … 298 298 if ( !is_taxonomy_hierarchical($tax_name) ) { 299 299 $taxonomy = get_taxonomy($tax_name); 300 $label = isset($taxonomy->label) ? attr($taxonomy->label) : $tax_name;300 $label = isset($taxonomy->label) ? esc_attr($taxonomy->label) : $tax_name; 301 301 302 302 add_meta_box('tagsdiv-' . $tax_name, $label, 'post_tags_meta_box', 'post', 'side', 'core'); … … 334 334 <h4><a id="category-add-toggle" href="#category-add" class="hide-if-no-js" tabindex="3"><?php _e( '+ Add New Category' ); ?></a></h4> 335 335 <p id="category-add" class="wp-hidden-child"> 336 <label class="invisible" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" tabindex="3" aria-required="true"/>336 <label class="invisible" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php esc_attr_e( 'New category name' ); ?>" tabindex="3" aria-required="true"/> 337 337 <label class="invisible" for="newcat_parent"><?php _e('Parent category'); ?>:</label><?php wp_dropdown_categories( array( 'hide_empty' => 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?> 338 <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _ea( 'Add' ); ?>" tabindex="3" />338 <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php esc_attr_e( 'Add' ); ?>" tabindex="3" /> 339 339 <?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?> 340 340 <span id="category-ajax-response"></span></p> … … 386 386 */ 387 387 function post_trackback_meta_box($post) { 388 $form_trackback = '<input type="text" name="trackback_url" id="trackback_url" class="code" tabindex="7" value="'. attr( str_replace("\n", ' ', $post->to_ping) ) .'" />';388 $form_trackback = '<input type="text" name="trackback_url" id="trackback_url" class="code" tabindex="7" value="'. esc_attr( str_replace("\n", ' ', $post->to_ping) ) .'" />'; 389 389 if ('' != $post->pinged) { 390 390 $pings = '<p>'. __('Already pinged:') . '</p><ul>'; … … 493 493 function post_slug_meta_box($post) { 494 494 ?> 495 <label class="invisible" for="post_name"><?php _e('Post Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attr( $post->post_name ); ?>" />495 <label class="invisible" for="post_name"><?php _e('Post Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo esc_attr( $post->post_name ); ?>" /> 496 496 <?php 497 497 } … … 568 568 569 569 <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" /> 570 <input type="hidden" id="hiddenaction" name="action" value="<?php echo attr($form_action) ?>" />571 <input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" />572 <input type="hidden" id="post_author" name="post_author" value="<?php echo attr( $post->post_author ); ?>" />573 <input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" />574 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" />570 <input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr($form_action) ?>" /> 571 <input type="hidden" id="originalaction" name="originalaction" value="<?php echo esc_attr($form_action) ?>" /> 572 <input type="hidden" id="post_author" name="post_author" value="<?php echo esc_attr( $post->post_author ); ?>" /> 573 <input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr($post->post_type) ?>" /> 574 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr($post->post_status) ?>" /> 575 575 <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" /> 576 576 <?php … … 593 593 <div id="titlewrap"> 594 594 <label class="invisible" for="title"><?php _e('Title') ?></label> 595 <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attr( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" />595 <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo esc_attr( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" /> 596 596 </div> 597 597 <div class="inside">
Note: See TracChangeset
for help on using the changeset viewer.