Changeset 11204 for trunk/wp-admin/users.php
- Timestamp:
- 05/05/2009 07:43:53 PM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/users.php
r11190 r11204 29 29 30 30 if ( empty($_REQUEST) ) { 31 $referer = '<input type="hidden" name="wp_http_referer" value="'. attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />';31 $referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; 32 32 } elseif ( isset($_REQUEST['wp_http_referer']) ) { 33 33 $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer'])); 34 $referer = '<input type="hidden" name="wp_http_referer" value="' . attr($redirect) . '" />';34 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr($redirect) . '" />'; 35 35 } else { 36 36 $redirect = 'users.php'; … … 150 150 echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n"; 151 151 } else { 152 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";152 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . esc_attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n"; 153 153 $go_delete = true; 154 154 } … … 158 158 foreach ( (array) $all_logins as $login ) 159 159 if ( $login->ID == $current_user->ID || !in_array($login->ID, $userids) ) 160 $user_dropdown .= "<option value=\"" . attr($login->ID) . "\">{$login->user_login}</option>";160 $user_dropdown .= "<option value=\"" . esc_attr($login->ID) . "\">{$login->user_login}</option>"; 161 161 $user_dropdown .= '</select>'; 162 162 ?> … … 171 171 </ul></fieldset> 172 172 <input type="hidden" name="action" value="dodelete" /> 173 <p class="submit"><input type="submit" name="submit" value="<?php _ea('Confirm Deletion'); ?>" class="button-secondary" /></p>173 <p class="submit"><input type="submit" name="submit" value="<?php esc_attr_e('Confirm Deletion'); ?>" class="button-secondary" /></p> 174 174 <?php else : ?> 175 175 <p><?php _e('There are no valid users selected for deletion.'); ?></p> … … 292 292 <p class="search-box"> 293 293 <label class="invisible" for="user-search-input"><?php _e( 'Search Users' ); ?>:</label> 294 <input type="text" id="user-search-input" name="usersearch" value="<?php echo attr($wp_user_search->search_term); ?>" />295 <input type="submit" value="<?php _ea( 'Search Users' ); ?>" class="button" />294 <input type="text" id="user-search-input" name="usersearch" value="<?php echo esc_attr($wp_user_search->search_term); ?>" /> 295 <input type="submit" value="<?php esc_attr_e( 'Search Users' ); ?>" class="button" /> 296 296 </p> 297 297 </form> … … 309 309 <option value="delete"><?php _e('Delete'); ?></option> 310 310 </select> 311 <input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />311 <input type="submit" value="<?php esc_attr_e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" /> 312 312 <label class="invisible" for="new_role"><?php _e('Change role to…') ?></label><select name="new_role" id="new_role"><option value=''><?php _e('Change role to…') ?></option><?php wp_dropdown_roles(); ?></select> 313 <input type="submit" value="<?php _ea('Change'); ?>" name="changeit" class="button-secondary" />313 <input type="submit" value="<?php esc_attr_e('Change'); ?>" name="changeit" class="button-secondary" /> 314 314 <?php wp_nonce_field('bulk-users'); ?> 315 315 </div> … … 375 375 <option value="delete"><?php _e('Delete'); ?></option> 376 376 </select> 377 <input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />377 <input type="submit" value="<?php esc_attr_e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" /> 378 378 </div> 379 379 … … 389 389 foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) { 390 390 $var = 'new_' . $var; 391 $$var = isset($_REQUEST[$formpost]) ? attr(stripslashes($_REQUEST[$formpost])) : '';391 $$var = isset($_REQUEST[$formpost]) ? esc_attr(stripslashes($_REQUEST[$formpost])) : ''; 392 392 } 393 393 unset($name);
Note: See TracChangeset
for help on using the changeset viewer.