Changeset 11245


Timestamp:
05/09/09 07:27:22 (5 years ago)
Author:
markjaquith
Message:

esc_js(). Shorter, follows new escaping naming convention.

Location:
trunk
Files:
19 edited

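--- a/trunk/wp-admin/edit-attachment-rows.php
+++ b/trunk/wp-admin/edit-attachment-rows.php
@@ -83,5 +83,5 @@
             $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
         if ( current_user_can('delete_post', $post->ID) )
-            $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
+            $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . esc_js(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
         $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . esc_attr(sprintf(__('View &#8220;%s&#8221;'), $title)) . '" rel="permalink">' . __('View') . '</a>';
         $action_count = count($actions);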
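--- a/trunk/wp-admin/edit-form-advanced.php
+++ b/trunk/wp-admin/edit-form-advanced.php
@@ -230,5 +230,5 @@
 <?php
 if ( ( 'edit' == $action ) && current_user_can('delete_post', $post->ID) ) { ?>
-<a class="submitdelete deletion" href="<?php echo wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID); ?>" onclick="if ( confirm('<?php echo js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
+<a class="submitdelete deletion" href="<?php echo wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID); ?>" onclick="if ( confirm('<?php echo esc_js(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
 <?php } ?>
 </div>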
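--- a/trunk/wp-admin/edit-form-comment.php
+++ b/trunk/wp-admin/edit-form-comment.php
@@ -70,5 +70,5 @@
 <div id="major-publishing-actions">
 <div id="delete-action">
-<?php echo "<a class='submitdelete deletion' href='" . wp_nonce_url("comment.php?action=deletecomment&amp;c=$comment->comment_ID&amp;_wp_original_http_referer=" . urlencode(wp_get_referer()), 'delete-comment_' . $comment->comment_ID) . "' onclick=\"if ( confirm('" . js_escape(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ){return true;}return false;\">" . __('Delete') . "</a>\n"; ?>
+<?php echo "<a class='submitdelete deletion' href='" . wp_nonce_url("comment.php?action=deletecomment&amp;c=$comment->comment_ID&amp;_wp_original_http_referer=" . urlencode(wp_get_referer()), 'delete-comment_' . $comment->comment_ID) . "' onclick=\"if ( confirm('" . esc_js(__("You are about to delete this comment. \n  'Cancel' to stop, 'OK' to delete.")) . "') ){return true;}return false;\">" . __('Delete') . "</a>\n"; ?>
 </div>
 <div id="publishing-action">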
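--- a/trunk/wp-admin/edit-link-form.php
+++ b/trunk/wp-admin/edit-link-form.php
@@ -86,5 +86,5 @@
 <?php
 if ( !empty($_GET['action']) && 'edit' == $_GET['action'] && current_user_can('manage_links') ) { ?>
-    <a class="submitdelete deletion" href="<?php echo wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id); ?>" onclick="if ( confirm('<?php echo js_escape(sprintf(__("You are about to delete this link '%s'\n  'Cancel' to stop, 'OK' to delete."), $link->link_name )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
+    <a class="submitdelete deletion" href="<?php echo wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id); ?>" onclick="if ( confirm('<?php echo esc_js(sprintf(__("You are about to delete this link '%s'\n  'Cancel' to stop, 'OK' to delete."), $link->link_name )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
 <?php } ?>
 </div>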
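--- a/trunk/wp-admin/edit-page-form.php
+++ b/trunk/wp-admin/edit-page-form.php
@@ -217,5 +217,5 @@
 <?php
 if ( ( 'edit' == $action ) && current_user_can('delete_page', $post->ID) ) { ?>
-<a class="submitdelete deletion" href="<?php echo wp_nonce_url("page.php?action=delete&amp;post=$post->ID", 'delete-page_' . $post->ID); ?>" onclick="if ( confirm('<?php echo js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
+<a class="submitdelete deletion" href="<?php echo wp_nonce_url("page.php?action=delete&amp;post=$post->ID", 'delete-page_' . $post->ID); ?>" onclick="if ( confirm('<?php echo esc_js(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )); ?>') ) {return true;}return false;"><?php _e('Delete'); ?></a>
 <?php } ?>
 </div>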
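--- a/trunk/wp-admin/import/blogger.php
+++ b/trunk/wp-admin/import/blogger.php
@@ -191,11 +191,11 @@
         }
 //echo '<pre>'.print_r($this,1).'</pre>';
-        $start    = js_escape( __('Import') );
-        $continue = js_escape( __('Continue') );
-        $stop     = js_escape( __('Importing...') );
-        $authors  = js_escape( __('Set Authors') );
-        $loadauth = js_escape( __('Preparing author mapping form...') );
-        $authhead = js_escape( __('Final Step: Author Mapping') );
-        $nothing  = js_escape( __('Nothing was imported. Had you already imported this blog?') );
+        $start    = esc_js( __('Import') );
+        $continue = esc_js( __('Continue') );
+        $stop     = esc_js( __('Importing...') );
+        $authors  = esc_js( __('Set Authors') );
+        $loadauth = esc_js( __('Preparing author mapping form...') );
+        $authhead = esc_js( __('Final Step: Author Mapping') );
+        $nothing  = esc_js( __('Nothing was imported. Had you already imported this blog?') );
         $title    = __('Blogger Blogs');
         $name     = __('Blog Name');
@@ -216,5 +216,5 @@
                 $value = $authors;
             $value = esc_attr($value);
-            $blogtitle = js_escape( $blog['title'] );
+            $blogtitle = esc_js( $blog['title'] );
             $pdone = isset($blog['posts_done']) ? (int) $blog['posts_done'] : 0;
             $cdone = isset($blog['comments_done']) ? (int) $blog['comments_done'] : 0;
@@ -659,5 +659,5 @@
         $mapthis = __('Blogger username');
         $tothis = __('WordPress login');
-        $submit = js_escape( __('Save Changes') );
+        $submit = esc_js( __('Save Changes') );
 
         foreach ( $blog['authors'] as $i => $author )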
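--- a/trunk/wp-admin/includes/template.php
+++ b/trunk/wp-admin/includes/template.php
@@ -1447,5 +1447,5 @@
                 $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '" title="' . esc_attr(__('Edit this post')) . '">' . __('Edit') . '</a>';
                 $actions['inline hide-if-no-js'] = '<a href="#" class="editinline" title="' . esc_attr(__('Edit this post inline')) . '">' . __('Quick&nbsp;Edit') . '</a>';
-                $actions['delete'] = "<a class='submitdelete' title='" . esc_attr(__('Delete this post')) . "' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
+                $actions['delete'] = "<a class='submitdelete' title='" . esc_attr(__('Delete this post')) . "' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . esc_js(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
             }
             if ( in_array($post->post_status, array('pending', 'draft')) ) {
@@ -1660,5 +1660,5 @@
             $actions['edit'] = '<a href="' . $edit_link . '" title="' . esc_attr(__('Edit this page')) . '">' . __('Edit') . '</a>';
             $actions['inline'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>';
-            $actions['delete'] = "<a class='submitdelete' title='" . esc_attr(__('Delete this page')) . "' href='" . wp_nonce_url("page.php?action=delete&amp;post=$page->ID", 'delete-page_' . $page->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $page->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n 'Cancel' to stop, 'OK' to delete."), $page->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
+            $actions['delete'] = "<a class='submitdelete' title='" . esc_attr(__('Delete this page')) . "' href='" . wp_nonce_url("page.php?action=delete&amp;post=$page->ID", 'delete-page_' . $page->ID) . "' onclick=\"if ( confirm('" . esc_js(sprintf( ('draft' == $page->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n 'Cancel' to stop, 'OK' to delete."), $page->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
         }
         if ( in_array($post->post_status, array('pending', 'draft')) ) {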
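--- a/trunk/wp-admin/link-manager.php
+++ b/trunk/wp-admin/link-manager.php
@@ -198,5 +198,5 @@
                     $actions = array();
                     $actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
-                    $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id) . "' onclick=\"if ( confirm('" . js_escape(sprintf( __("You are about to delete this link '%s'\n  'Cancel' to stop, 'OK' to delete."), $link->link_name )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
+                    $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id) . "' onclick=\"if ( confirm('" . esc_js(sprintf( __("You are about to delete this link '%s'\n  'Cancel' to stop, 'OK' to delete."), $link->link_name )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
                     $action_count = count($actions);
                     $i = 0;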
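--- a/trunk/wp-admin/press-this.php
+++ b/trunk/wp-admin/press-this.php
@@ -403,5 +403,5 @@
                 break;
             case 'photo' :
-                jQuery('#extra_fields').before('<p id="waiting"><img src="images/wpspin_light.gif" alt="" /> <?php echo js_escape( __( 'Loading...' ) ); ?></p>');
+                jQuery('#extra_fields').before('<p id="waiting"><img src="images/wpspin_light.gif" alt="" /> <?php echo esc_js( __( 'Loading...' ) ); ?></p>');
                 jQuery.ajax({
                     type: "GET",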
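--- a/trunk/wp-admin/themes.php
+++ b/trunk/wp-admin/themes.php
@@ -198,5 +198,5 @@
     $actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . esc_attr(sprintf(__('Preview &#8220;%s&#8221;'), $theme_name)) . '">' . __('Preview') . '</a>';
     if ( current_user_can('update_themes') )
-        $actions[] = '<a class="submitdelete deletion" href="' . wp_nonce_url("themes.php?action=delete&amp;template=$stylesheet", 'delete-theme_' . $stylesheet) . '" onclick="' . "if ( confirm('" . js_escape(sprintf( __("You are about to delete this theme '%s'\n  'Cancel' to stop, 'OK' to delete."), $theme_name )) . "') ) {return true;}return false;" . '">' . __('Delete') . '</a>';
+        $actions[] = '<a class="submitdelete deletion" href="' . wp_nonce_url("themes.php?action=delete&amp;template=$stylesheet", 'delete-theme_' . $stylesheet) . '" onclick="' . "if ( confirm('" . esc_js(sprintf( __("You are about to delete this theme '%s'\n  'Cancel' to stop, 'OK' to delete."), $theme_name )) . "') ) {return true;}return false;" . '">' . __('Delete') . '</a>';
     $actions = apply_filters('theme_action_links', $actions, $themes[$theme_name]);
 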
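--- a/trunk/wp-admin/update-core.php
+++ b/trunk/wp-admin/update-core.php
@@ -59,6 +59,6 @@
     if ( $dismissed ) {
 
-        $show_text = js_escape(__('Show hidden updates'));
-        $hide_text = js_escape(__('Hide hidden updates'));
+        $show_text = esc_js(__('Show hidden updates'));
+        $hide_text = esc_js(__('Hide hidden updates'));
     ?>
     <script type="text/javascript">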
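--- a/trunk/wp-admin/upload.php
+++ b/trunk/wp-admin/upload.php
@@ -342,5 +342,5 @@
             $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
         if ( current_user_can('delete_post', $post->ID) )
-            $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
+            $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . esc_js(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
         $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . esc_attr(sprintf(__('View &#8220;%s&#8221;'), $title)) . '" rel="permalink">' . __('View') . '</a>';
         if ( current_user_can('edit_post', $post->ID) )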
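--- a/trunk/wp-content/themes/default/functions.php
+++ b/trunk/wp-content/themes/default/functions.php
@@ -252,11 +252,11 @@
     }
     function kRevert() {
-        document.getElementById('headerimage').value = '<?php echo js_escape(kubrick_header_image()); ?>';
-        document.getElementById('advuppercolor').value = document.getElementById('uppercolor').value = '#<?php echo js_escape(kubrick_upper_color()); ?>';
-        document.getElementById('advlowercolor').value = document.getElementById('lowercolor').value = '#<?php echo js_escape(kubrick_lower_color()); ?>';
-        document.getElementById('header').style.background = 'url("<?php echo js_escape(kubrick_header_image_url()); ?>") center no-repeat';
+        document.getElementById('headerimage').value = '<?php echo esc_js(kubrick_header_image()); ?>';
+        document.getElementById('advuppercolor').value = document.getElementById('uppercolor').value = '#<?php echo esc_js(kubrick_upper_color()); ?>';
+        document.getElementById('advlowercolor').value = document.getElementById('lowercolor').value = '#<?php echo esc_js(kubrick_lower_color()); ?>';
+        document.getElementById('header').style.background = 'url("<?php echo esc_js(kubrick_header_image_url()); ?>") center no-repeat';
         document.getElementById('header').style.color = '';
-        document.getElementById('advfontcolor').value = document.getElementById('fontcolor').value = '<?php echo js_escape(kubrick_header_color_string()); ?>';
-        document.getElementById('fontdisplay').value = '<?php echo js_escape(kubrick_header_display_string()); ?>';
+        document.getElementById('advfontcolor').value = document.getElementById('fontcolor').value = '<?php echo esc_js(kubrick_header_color_string()); ?>';
+        document.getElementById('fontdisplay').value = '<?php echo esc_js(kubrick_header_display_string()); ?>';
         document.getElementById('headerimg').style.display = document.getElementById('fontdisplay').value;
     }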
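--- a/trunk/wp-includes/bookmark.php
+++ b/trunk/wp-includes/bookmark.php
@@ -358,5 +358,5 @@
         $value = esc_attr($value);
     else if ( 'js' == $context )
-        $value = js_escape($value);
+        $value = esc_js($value);
 
     return $value;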
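--- a/trunk/wp-includes/class.wp-scripts.php
+++ b/trunk/wp-includes/class.wp-scripts.php
@@ -61,5 +61,5 @@
                 continue;
             }
-            $data .= "$eol\t$var: \"" . js_escape( $val ) . '"';
+            $data .= "$eol\t$var: \"" . esc_js( $val ) . '"';
             $eol = ",\n";
         }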
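--- a/trunk/wp-includes/formatting.php
+++ b/trunk/wp-includes/formatting.php
@@ -2055,10 +2055,10 @@
  * The filter 'js_escape' is also applied here.
  *
- * @since 2.0.4
+ * @since 2.8.0
  *
  * @param string $text The text to be escaped.
  * @return string Escaped text.
  */
-function js_escape($text) {
+function esc_js( $text ) {
     $safe_text = wp_check_invalid_utf8( $text );
     $safe_text = wp_specialchars( $safe_text, ENT_COMPAT );
@@ -2066,4 +2066,21 @@
     $safe_text = preg_replace( "/\r?\n/", "\\n", addslashes( $safe_text ) );
     return apply_filters( 'js_escape', $safe_text, $text );
+}
+
+/**
+ * Escape single quotes, specialchar double quotes, and fix line endings.
+ *
+ * The filter 'js_escape' is also applied by esc_js()
+ *
+ * @since 2.0.4
+ *
+ * @deprecated 2.8.0
+ * @see esc_js()
+ *
+ * @param string $text The text to be escaped.
+ * @return string Escaped text.
+ */
+function js_escape( $text ) {
+    return esc_js( $text );
 }
 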
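Review bot: The docblock kept above `esc_js()` (it begins before the first visible line of this section) never states which output context the result is safe for, which is what callers of the new short name most need to know. The visible body lines apply `wp_specialchars( $safe_text, ENT_COMPAT )` and then `addslashes()`, so the value is meant to sit inside a quoted JavaScript string, as in the `confirm('…')` handlers elsewhere in this changeset. I would add a line such as ` * Use only for text placed inside a quoted JavaScript string literal; it does not make a value safe as an unquoted script fragment or as a URL.` Separately, the new `js_escape()` wrapper is tagged `@deprecated 2.8.0` but gives callers no runtime signal, so consider `_deprecated_function( __FUNCTION__, '2.8', 'esc_js()' );` before the `return`. Its docblock could also say that the `'js_escape'` filter name is retained, presumably so existing hooks keep working.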
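--- a/trunk/wp-includes/js/tinymce/langs/wp-langs.php
+++ b/trunk/wp-includes/js/tinymce/langs/wp-langs.php
@@ -19,5 +19,5 @@
 
     if ( 'en' == $language ) return $text;
-    else return js_escape($text);
+    else return esc_js($text);
 }
 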
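--- a/trunk/wp-includes/post.php
+++ b/trunk/wp-includes/post.php
@@ -906,5 +906,5 @@
         $value = esc_attr($value);
     else if ( 'js' == $context )
-        $value = js_escape($value);
+        $value = esc_js($value);
 
     return $value;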
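--- a/trunk/wp-includes/taxonomy.php
+++ b/trunk/wp-includes/taxonomy.php
@@ -1014,5 +1014,5 @@
         $value = esc_attr($value);
     else if ( 'js' == $context )
-        $value = js_escape($value);
+        $value = esc_js($value);
 
     return $value;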