Make WordPress Core


Ignore:
Timestamp:
05/05/2009 07:43:53 PM (15 years ago)
Author:
markjaquith
Message:

_a(), _ea(), _xa(), attr() are now esc_attr(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/press-this.php

    r11203 r11204  
    136136        <div class="titlediv">
    137137        <div class="titlewrap">
    138             <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attr($title);?>"/>
    139         </div>
    140         </div>
    141 
    142         <p class="centered"><input type="hidden" name="this_photo" value="<?php echo attr($image); ?>" id="this_photo" />
    143             <a href="#" class="select"><img src="<?php echo clean_url($image); ?>" alt="<?php echo attr(__('Click to insert.')); ?>" title="<?php echo attr(__('Click to insert.')); ?>" /></a></p>
     138            <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo esc_attr($title);?>"/>
     139        </div>
     140        </div>
     141
     142        <p class="centered"><input type="hidden" name="this_photo" value="<?php echo esc_attr($image); ?>" id="this_photo" />
     143            <a href="#" class="select"><img src="<?php echo clean_url($image); ?>" alt="<?php echo esc_attr(__('Click to insert.')); ?>" title="<?php echo esc_attr(__('Click to insert.')); ?>" /></a></p>
    144144
    145145        <p id="options"><a href="#" class="select button"><?php _e('Insert Image'); ?></a> <a href="#" class="cancel button"><?php _e('Cancel'); ?></a></p>
     
    169169        <div id="titlediv">
    170170            <div class="titlewrap">
    171             <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attr($title);?>"/>
     171            <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo esc_attr($title);?>"/>
    172172            </div>
    173173        </div>
     
    378378        switch(tab_name) {
    379379            case 'video' :
    380                 jQuery('#extra_fields').load('<?php echo clean_url($_SERVER['PHP_SELF']); ?>', { ajax: 'video', s: '<?php echo attr($selection); ?>'}, function() {
     380                jQuery('#extra_fields').load('<?php echo clean_url($_SERVER['PHP_SELF']); ?>', { ajax: 'video', s: '<?php echo esc_attr($selection); ?>'}, function() {
    381381                    <?php
    382382                    $content = '';
    383383                    if ( preg_match("/youtube\.com\/watch/i", $url) ) {
    384384                        list($domain, $video_id) = split("v=", $url);
    385                         $video_id = attr($video_id);
     385                        $video_id = esc_attr($video_id);
    386386                        $content = '<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/' . $video_id . '"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/' . $video_id . '" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>';
    387387
    388388                    } elseif ( preg_match("/vimeo\.com\/[0-9]+/i", $url) ) {
    389389                        list($domain, $video_id) = split(".com/", $url);
    390                         $video_id = attr($video_id);
     390                        $video_id = esc_attr($video_id);
    391391                        $content = '<object width="400" height="225"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&amp;server=www.vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1" />  <embed src="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&amp;server=www.vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="400" height="225"></embed></object>';
    392392
     
    458458                <div class="inside">
    459459                    <p>
    460                         <input class="button" type="submit" name="draft" value="<?php _ea('Save Draft') ?>" id="save" />
     460                        <input class="button" type="submit" name="draft" value="<?php esc_attr_e('Save Draft') ?>" id="save" />
    461461                        <?php if ( current_user_can('publish_posts') ) { ?>
    462                             <input class="button-primary" type="submit" name="publish" value="<?php _ea('Publish') ?>" id="publish" />
     462                            <input class="button-primary" type="submit" name="publish" value="<?php esc_attr_e('Publish') ?>" id="publish" />
    463463                        <?php } else { ?>
    464                             <br /><br /><input class="button-primary" type="submit" name="review" value="<?php _ea('Submit for Review') ?>" id="review" />
     464                            <br /><br /><input class="button-primary" type="submit" name="review" value="<?php esc_attr_e('Submit for Review') ?>" id="review" />
    465465                        <?php } ?>
    466466                        <img src="images/wpspin_light.gif" alt="" id="saving" style="display:none;" />
     
    482482                        <a id="category-add-toggle" href="#category-add" class="hide-if-no-js" tabindex="3"><?php _e( '+ Add New Category' ); ?></a>
    483483                        <p id="category-add" class="wp-hidden-child">
    484                             <label class="invisible" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php _ea( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
     484                            <label class="invisible" for="newcat"><?php _e( 'Add New Category' ); ?></label><input type="text" name="newcat" id="newcat" class="form-required form-input-tip" value="<?php esc_attr_e( 'New category name' ); ?>" tabindex="3" aria-required="true"/>
    485485                            <label class="invisible" for="newcat_parent"><?php _e('Parent category'); ?>:</label><?php wp_dropdown_categories( array( 'hide_empty' => 0, 'name' => 'newcat_parent', 'orderby' => 'name', 'hierarchical' => 1, 'show_option_none' => __('Parent category'), 'tab_index' => 3 ) ); ?>
    486                             <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php _ea( 'Add' ); ?>" tabindex="3" />
     486                            <input type="button" id="category-add-sumbit" class="add:categorychecklist:category-add button" value="<?php esc_attr_e( 'Add' ); ?>" tabindex="3" />
    487487                            <?php wp_nonce_field( 'add-category', '_ajax_nonce', false ); ?>
    488488                            <span id="category-ajax-response"></span>
     
    500500                            <input type="hidden" name="tax_input[post_tag]" class="the-tags" id="tax-input[post_tag]" value="" />
    501501                            <span class="ajaxtag" style="display:none;">
    502                                 <input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php _ea('Add new tag'); ?>" />
    503                                 <input type="button" class="button tagadd" value="<?php _ea('Add'); ?>" tabindex="3" />
     502                                <input type="text" name="newtag[post_tag]" class="newtag form-input-tip" size="16" autocomplete="off" value="<?php esc_attr_e('Add new tag'); ?>" />
     503                                <input type="button" class="button tagadd" value="<?php esc_attr_e('Add'); ?>" tabindex="3" />
    504504                            </span>
    505505                        </p>
     
    519519        <div id="titlediv">
    520520            <div class="titlewrap">
    521                 <input name="title" id="title" class="text" value="<?php echo attr($title);?>"/>
     521                <input name="title" id="title" class="text" value="<?php echo esc_attr($title);?>"/>
    522522            </div>
    523523        </div>
Note: See TracChangeset for help on using the changeset viewer.