Timestamp:
05/05/2009 07:43:53 PM (15 years ago)
Author:
markjaquith
Message:

_a(), _ea(), _xa(), attr() are now esc_attr(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

File:
1 edited

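--- a/trunk/wp-includes/default-widgets.php
+++ b/trunk/wp-includes/default-widgets.php
@@ -62,6 +62,6 @@
         //Defaults
         $instance = wp_parse_args( (array) $instance, array( 'sortby' => 'post_title', 'title' => '', 'exclude' => '') );
-        $title = attr( $instance['title'] );
-        $exclude = attr( $instance['exclude'] );
+        $title = esc_attr( $instance['title'] );
+        $exclude = esc_attr( $instance['exclude'] );
     ?>
         <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" /></label></p>
@@ -213,5 +213,5 @@
         if ( $d ) {
 ?>
-        <select name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value=""><?php echo attr(__('Select Month')); ?></option> <?php wp_get_archives("type=monthly&format=option&show_post_count=$c"); ?> </select>
+        <select name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value=""><?php echo esc_attr(__('Select Month')); ?></option> <?php wp_get_archives("type=monthly&format=option&show_post_count=$c"); ?> </select>
 <?php
         } else {
@@ -242,5 +242,5 @@
         $dropdown = $instance['dropdown'] ? 'checked="checked"' : '';
 ?>
-        <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" /></label></p>
+        <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></label></p>
         <p>
             <label for="<?php echo $this->get_field_id('count'); ?>"><input class="checkbox" type="checkbox" <?php echo $count; ?> id="<?php echo $this->get_field_id('count'); ?>" name="<?php echo $this->get_field_name('count'); ?>" /> <?php _e('Show post counts'); ?></label>
@@ -277,7 +277,7 @@
             <?php wp_register(); ?>
             <li><?php wp_loginout(); ?></li>
-            <li><a href="<?php bloginfo('rss2_url'); ?>" title="<?php echo attr(__('Syndicate this site using RSS 2.0')); ?>"><?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
-            <li><a href="<?php bloginfo('comments_rss2_url'); ?>" title="<?php echo attr(__('The latest comments to all posts in RSS')); ?>"><?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
-            <li><a href="http://wordpress.org/" title="<?php echo attr(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.')); ?>">WordPress.org</a></li>
+            <li><a href="<?php bloginfo('rss2_url'); ?>" title="<?php echo esc_attr(__('Syndicate this site using RSS 2.0')); ?>"><?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
+            <li><a href="<?php bloginfo('comments_rss2_url'); ?>" title="<?php echo esc_attr(__('The latest comments to all posts in RSS')); ?>"><?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
+            <li><a href="http://wordpress.org/" title="<?php echo esc_attr(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.')); ?>">WordPress.org</a></li>
             <?php wp_meta(); ?>
             </ul>
@@ -297,5 +297,5 @@
         $title = strip_tags($instance['title']);
 ?>
-            <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" /></label></p>
+            <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></label></p>
 <?php
     }
@@ -339,5 +339,5 @@
         <p><label for="<?php echo $this->get_field_id('title'); ?>">
         <?php _e('Title:'); ?>
-        <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" />
+        <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" />
         </label></p>
 <?php
@@ -387,5 +387,5 @@
         <p><label for="<?php echo $this->get_field_id('title'); ?>">
         <?php _e('Title:'); ?>
-        <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" />
+        <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" />
         </label></p>
 
@@ -470,5 +470,5 @@
         //Defaults
         $instance = wp_parse_args( (array) $instance, array( 'title' => '') );
-        $title = attr( $instance['title'] );
+        $title = esc_attr( $instance['title'] );
         $count = (bool) $instance['count'];
         $hierarchical = (bool) $instance['hierarchical'];
@@ -573,5 +573,5 @@
 
     function form( $instance ) {
-        $title = attr($instance['title']);
+        $title = esc_attr($instance['title']);
         if ( !$number = (int) $instance['number'] )
             $number = 5;
@@ -660,5 +660,5 @@
 
     function form( $instance ) {
-        $title = attr($instance['title']);
+        $title = esc_attr($instance['title']);
         if ( !$number = (int) $instance['number'] )
             $number = 5;
@@ -709,5 +709,5 @@
 
         if ( ! is_wp_error($rss) ) {
-            $desc = attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
+            $desc = esc_attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
             if ( empty($title) )
                 $title = htmlentities(strip_tags($rss->get_title()));
@@ -724,5 +724,5 @@
         $icon = includes_url('images/rss.png');
         if ( $title )
-            $title = "<a class='rsswidget' href='$url' title='" . attr(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
+            $title = "<a class='rsswidget' href='$url' title='" . esc_attr(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
 
         echo $before_widget;
@@ -796,9 +796,9 @@
             $link = substr($link, 1);
         $link = clean_url(strip_tags($link));
-        $title = attr(strip_tags($item->get_title()));
+        $title = esc_attr(strip_tags($item->get_title()));
         if ( empty($title) )
             $title = __('Untitled');
 
-        $desc = str_replace(array("\n", "\r"), ' ', attr(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset')))));
+        $desc = str_replace(array("\n", "\r"), ' ', esc_attr(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset')))));
         $desc = wp_html_excerpt( $desc, 360 ) . ' [&hellip;]';
         $desc = wp_specialchars( $desc );
@@ -859,6 +859,6 @@
     extract( $inputs, EXTR_SKIP);
 
-    $number = attr( $number );
-    $title  = attr( $title );
+    $number = esc_attr( $number );
+    $title  = esc_attr( $title );
     $url    = clean_url( $url );
     $items  = (int) $items;
@@ -996,5 +996,5 @@
     <p><label for="<?php echo $this->get_field_id('title'); ?>">
     <?php _e('Title:') ?>
-    <input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo attr( $instance['title'] ); ?>" />
+    <input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo esc_attr( $instance['title'] ); ?>" />
     </label></p>
 <?php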
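Review bot: The file escapes the same kind of value at two different points, and this rename carries the split forward: lines 64-65, 472, 575, 662 and 861-862 call `esc_attr()` at assignment, while lines 244, 299, 341, 389 and 998 call it inside the `echo`. With the early form the output site reads as a bare `value="<?php echo $title; ?>"` (line 67), so a reviewer has to trace the variable back to confirm it is safe, and a pre-escaped `$title` reused in a non-attribute context would be wrongly encoded. I would move the call to the output, e.g. `$title = $instance['title'];` and `value="<?php echo esc_attr( $title ); ?>"`, so every attribute is escaped where it is printed. Line 215 also uses `esc_attr()` for `<option>` element text rather than an attribute; that is safe, though the `wp_specialchars()` call already used at line 804 would match the context. Most of the enclosing `form()` bodies start or end outside the hunks, so the later echo sites for lines 472, 575, 662 and 861-862 are not visible here.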