Make WordPress Core


Ignore:
Timestamp:
05/05/2009 07:43:53 PM (15 years ago)
Author:
markjaquith
Message:

_a(), _ea(), _xa(), attr() are now esc_attr(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/user-edit.php

    r11180 r11204  
    216216    $current_color = 'fresh';
    217217foreach ( $_wp_admin_css_colors as $color => $color_info ): ?>
    218 <div class="color-option"><input name="admin_color" id="admin_color_<?php echo $color; ?>" type="radio" value="<?php echo attr($color) ?>" class="tog" <?php checked($color, $current_color); ?> />
     218<div class="color-option"><input name="admin_color" id="admin_color_<?php echo $color; ?>" type="radio" value="<?php echo esc_attr($color) ?>" class="tog" <?php checked($color, $current_color); ?> />
    219219    <table class="color-palette">
    220220    <tr>
     
    249249    <tr>
    250250        <th><label for="user_login"><?php _e('Username'); ?></label></th>
    251         <td><input type="text" name="user_login" id="user_login" value="<?php echo attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /> <?php _e('Your username cannot be changed.'); ?></td>
     251        <td><input type="text" name="user_login" id="user_login" value="<?php echo esc_attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /> <?php _e('Your username cannot be changed.'); ?></td>
    252252    </tr>
    253253
     
    275275<tr>
    276276    <th><label for="first_name"><?php _e('First name') ?></label></th>
    277     <td><input type="text" name="first_name" id="first_name" value="<?php echo attr($profileuser->first_name) ?>" class="regular-text" /></td>
     277    <td><input type="text" name="first_name" id="first_name" value="<?php echo esc_attr($profileuser->first_name) ?>" class="regular-text" /></td>
    278278</tr>
    279279
    280280<tr>
    281281    <th><label for="last_name"><?php _e('Last name') ?></label></th>
    282     <td><input type="text" name="last_name" id="last_name" value="<?php echo attr($profileuser->last_name) ?>" class="regular-text" /></td>
     282    <td><input type="text" name="last_name" id="last_name" value="<?php echo esc_attr($profileuser->last_name) ?>" class="regular-text" /></td>
    283283</tr>
    284284
    285285<tr>
    286286    <th><label for="nickname"><?php _e('Nickname') ?></label></th>
    287     <td><input type="text" name="nickname" id="nickname" value="<?php echo attr($profileuser->nickname) ?>" class="regular-text" /></td>
     287    <td><input type="text" name="nickname" id="nickname" value="<?php echo esc_attr($profileuser->nickname) ?>" class="regular-text" /></td>
    288288</tr>
    289289
     
    304304            foreach ( $public_display as $id => $item ) {
    305305        ?>
    306             <option id="<?php echo $id; ?>" value="<?php echo attr($item); ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
     306            <option id="<?php echo $id; ?>" value="<?php echo esc_attr($item); ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
    307307        <?php
    308308            }
     
    318318<tr>
    319319    <th><label for="email"><?php _e('E-mail') ?></label></th>
    320     <td><input type="text" name="email" id="email" value="<?php echo attr($profileuser->user_email) ?>" class="regular-text" /> <?php _e('Required.');?></td>
     320    <td><input type="text" name="email" id="email" value="<?php echo esc_attr($profileuser->user_email) ?>" class="regular-text" /> <?php _e('Required.');?></td>
    321321</tr>
    322322
    323323<tr>
    324324    <th><label for="url"><?php _e('Website') ?></label></th>
    325     <td><input type="text" name="url" id="url" value="<?php echo attr($profileuser->user_url) ?>" class="regular-text code" /></td>
     325    <td><input type="text" name="url" id="url" value="<?php echo esc_attr($profileuser->user_url) ?>" class="regular-text code" /></td>
    326326</tr>
    327327
    328328<tr>
    329329    <th><label for="aim"><?php echo apply_filters('user_aim_label', __('AIM')); ?></label></th>
    330     <td><input type="text" name="aim" id="aim" value="<?php echo attr($profileuser->aim) ?>" class="regular-text" /></td>
     330    <td><input type="text" name="aim" id="aim" value="<?php echo esc_attr($profileuser->aim) ?>" class="regular-text" /></td>
    331331</tr>
    332332
    333333<tr>
    334334    <th><label for="yim"><?php echo apply_filters('user_yim_label', __('Yahoo IM')); ?></label></th>
    335     <td><input type="text" name="yim" id="yim" value="<?php echo attr($profileuser->yim) ?>" class="regular-text" /></td>
     335    <td><input type="text" name="yim" id="yim" value="<?php echo esc_attr($profileuser->yim) ?>" class="regular-text" /></td>
    336336</tr>
    337337
    338338<tr>
    339339    <th><label for="jabber"><?php echo apply_filters('user_jabber_label', __('Jabber / Google Talk')); ?></label></th>
    340     <td><input type="text" name="jabber" id="jabber" value="<?php echo attr($profileuser->jabber) ?>" class="regular-text" /></td>
     340    <td><input type="text" name="jabber" id="jabber" value="<?php echo esc_attr($profileuser->jabber) ?>" class="regular-text" /></td>
    341341</tr>
    342342</table>
     
    396396<p class="submit">
    397397    <input type="hidden" name="action" value="update" />
    398     <input type="hidden" name="user_id" id="user_id" value="<?php echo attr($user_id); ?>" />
    399     <input type="submit" class="button-primary" value="<?php $is_profile_page? _ea('Update Profile') : _ea('Update User') ?>" name="submit" />
     398    <input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" />
     399    <input type="submit" class="button-primary" value="<?php $is_profile_page? esc_attr_e('Update Profile') : esc_attr_e('Update User') ?>" name="submit" />
    400400</p>
    401401</form>
Note: See TracChangeset for help on using the changeset viewer.