Make WordPress Core


Ignore:
Timestamp:
05/05/2009 07:43:53 PM (15 years ago)
Author:
markjaquith
Message:

_a(), _ea(), _xa(), attr() are now esc_attr(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/general-template.php

    r11190 r11204  
    121121    $form = '<form role="search" method="get" id="searchform" action="' . get_option('home') . '/" >
    122122    <div><label class="invisible" for="s">' . __('Search for:') . '</label>
    123     <input type="text" value="' . attr(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" />
    124     <input type="submit" id="searchsubmit" value="'. _a('Search') .'" />
     123    <input type="text" value="' . esc_attr(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" />
     124    <input type="submit" id="searchsubmit" value="'. esc_attr__('Search') .'" />
    125125    </div>
    126126    </form>';
     
    689689function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
    690690    $text = wptexturize($text);
    691     $title_text = attr($text);
     691    $title_text = esc_attr($text);
    692692    $url = clean_url($url);
    693693
     
    14351435    $args = wp_parse_args( $args, $defaults );
    14361436
    1437     echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attr(sprintf( $args['feedtitle'], get_bloginfo('name') )) . '" href="' . get_feed_link() . "\" />\n";
    1438     echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attr(sprintf( $args['comstitle'], get_bloginfo('name') )) . '" href="' . get_feed_link( 'comments_' . get_default_feed() ) . "\" />\n";
     1437    echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . esc_attr(sprintf( $args['feedtitle'], get_bloginfo('name') )) . '" href="' . get_feed_link() . "\" />\n";
     1438    echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . esc_attr(sprintf( $args['comstitle'], get_bloginfo('name') )) . '" href="' . get_feed_link( 'comments_' . get_default_feed() ) . "\" />\n";
    14391439}
    14401440
     
    14681468
    14691469        if ( comments_open() || pings_open() || $post->comment_count > 0 ) {
    1470             $title = attr(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], wp_specialchars( get_the_title() ) ));
     1470            $title = esc_attr(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], wp_specialchars( get_the_title() ) ));
    14711471            $href = get_post_comments_feed_link( $post->ID );
    14721472        }
     
    14741474        $cat_id = intval( get_query_var('cat') );
    14751475
    1476         $title = attr(sprintf( $args['cattitle'], get_bloginfo('name'), $args['separator'], get_cat_name( $cat_id ) ));
     1476        $title = esc_attr(sprintf( $args['cattitle'], get_bloginfo('name'), $args['separator'], get_cat_name( $cat_id ) ));
    14771477        $href = get_category_feed_link( $cat_id );
    14781478    } elseif ( is_tag() ) {
     
    14801480        $tag = get_tag( $tag_id );
    14811481
    1482         $title = attr(sprintf( $args['tagtitle'], get_bloginfo('name'), $args['separator'], $tag->name ));
     1482        $title = esc_attr(sprintf( $args['tagtitle'], get_bloginfo('name'), $args['separator'], $tag->name ));
    14831483        $href = get_tag_feed_link( $tag_id );
    14841484    } elseif ( is_author() ) {
    14851485        $author_id = intval( get_query_var('author') );
    14861486
    1487         $title = attr(sprintf( $args['authortitle'], get_bloginfo('name'), $args['separator'], get_author_name( $author_id ) ));
     1487        $title = esc_attr(sprintf( $args['authortitle'], get_bloginfo('name'), $args['separator'], get_author_name( $author_id ) ));
    14881488        $href = get_author_feed_link( $author_id );
    14891489    } elseif ( is_search() ) {
    1490         $title = attr(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query() ));
     1490        $title = esc_attr(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query() ));
    14911491        $href = get_search_feed_link();
    14921492    }
     
    16821682 * Display the contents of the search query variable.
    16831683 *
    1684  * The search query string is passed through {@link attr()}
     1684 * The search query string is passed through {@link esc_attr()}
    16851685 * to ensure that it is safe for placing in an html attribute.
    16861686 *
     
    16891689 */
    16901690function the_search_query() {
    1691     echo attr( apply_filters( 'the_search_query', get_search_query() ) );
     1691    echo esc_attr( apply_filters( 'the_search_query', get_search_query() ) );
    16921692}
    16931693
Note: See TracChangeset for help on using the changeset viewer.