Changeset 11380 for trunk/wp-admin/includes/template.php
- Timestamp:
- 05/18/2009 03:11:07 PM (16 years ago)
- File:
-
- 1 edited
trunk/wp-admin/includes/template.php
r11366 r11380 470 470 471 471 $class = in_array( $category->term_id, $popular_cats ) ? ' class="popular-category"' : ''; 472 $output .= "\n<li id='category-$category->term_id'$class>" . '<label class="selectit"><input value="' . $category->term_id . '" type="checkbox" name="post_category[]" id="in-category-' . $category->term_id . '"' . (in_array( $category->term_id, $selected_cats ) ? ' checked="checked"' : "" ) . '/> ' . wp_specialchars( apply_filters('the_category', $category->name )) . '</label>';472 $output .= "\n<li id='category-$category->term_id'$class>" . '<label class="selectit"><input value="' . $category->term_id . '" type="checkbox" name="post_category[]" id="in-category-' . $category->term_id . '"' . (in_array( $category->term_id, $selected_cats ) ? ' checked="checked"' : "" ) . '/> ' . esc_html( apply_filters('the_category', $category->name )) . '</label>'; 473 473 } 474 474 … … 563 563 <label class="selectit"> 564 564 <input id="in-<?php echo $id; ?>" type="checkbox" value="<?php echo (int) $category->term_id; ?>" /> 565 <?php echo wp_specialchars( apply_filters( 'the_category', $category->name ) ); ?>565 <?php echo esc_html( apply_filters( 'the_category', $category->name ) ); ?> 566 566 </label> 567 567 </li> … … 615 615 foreach ( $categories as $category ) { 616 616 $cat_id = $category->term_id; 617 $name = wp_specialchars( apply_filters('the_category', $category->name));617 $name = esc_html( apply_filters('the_category', $category->name)); 618 618 $checked = in_array( $cat_id, $checked_categories ); 619 619 echo '<li id="link-category-', $cat_id, '"><label for="in-link-category-', $cat_id, '" class="selectit"><input value="', $cat_id, '" type="checkbox" name="link_category[]" id="in-link-category-', $cat_id, '"', ($checked ? ' checked="checked"' : "" ), '/> ', $name, "</label></li>"; … … 1305 1305 <div class="mn">' . mysql2date( 'i', $post->post_date, false ) . '</div> 1306 1306 <div class="ss">' . mysql2date( 's', $post->post_date, false ) . 
'</div> 1307 <div class="post_password">' . wp_specialchars($post->post_password, 1) . '</div>';1307 <div class="post_password">' . esc_html( $post->post_password ) . '</div>'; 1308 1308 1309 1309 if( $post->post_type == 'page' ) 1310 1310 echo ' 1311 1311 <div class="post_parent">' . $post->post_parent . '</div> 1312 <div class="page_template">' . wp_specialchars(get_post_meta( $post->ID, '_wp_page_template', true ), 1) . '</div>1312 <div class="page_template">' . esc_html( get_post_meta( $post->ID, '_wp_page_template', true ) ) . '</div> 1313 1313 <div class="menu_order">' . $post->menu_order . '</div>'; 1314 1314 1315 1315 if( $post->post_type == 'post' ) 1316 1316 echo ' 1317 <div class="tags_input">' . wp_specialchars( str_replace( ',', ', ', get_tags_to_edit($post->ID) ), 1) . '</div>1317 <div class="tags_input">' . esc_html( str_replace( ',', ', ', get_tags_to_edit($post->ID) ) ) . '</div> 1318 1318 <div class="post_category">' . implode( ',', wp_get_post_categories( $post->ID ) ) . '</div> 1319 1319 <div class="sticky">' . (is_sticky($post->ID) ? 'sticky' : '') . '</div>'; … … 1332 1332 global $wp_query, $post, $mode; 1333 1333 1334 add_filter('the_title',' wp_specialchars');1334 add_filter('the_title','esc_html'); 1335 1335 1336 1336 // Create array of post IDs. … … 1479 1479 $out = array(); 1480 1480 foreach ( $categories as $c ) 1481 $out[] = "<a href='edit.php?category_name=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>";1481 $out[] = "<a href='edit.php?category_name=$c->slug'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>"; 1482 1482 echo join( ', ', $out ); 1483 1483 } else { … … 1495 1495 $out = array(); 1496 1496 foreach ( $tags as $c ) 1497 $out[] = "<a href='edit.php?tag=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . 
"</a>";1497 $out[] = "<a href='edit.php?tag=$c->slug'> " . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>"; 1498 1498 echo join( ', ', $out ); 1499 1499 } else { … … 1592 1592 } 1593 1593 1594 $page->post_title = wp_specialchars( $page->post_title );1594 $page->post_title = esc_html( $page->post_title ); 1595 1595 $pad = str_repeat( '— ', $level ); 1596 1596 $id = (int) $page->ID; … … 1654 1654 $edit_link = get_edit_post_link( $page->ID ); 1655 1655 ?> 1656 <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . wp_specialchars($parent_name) : ''; ?></strong>1656 <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . esc_html($parent_name) : ''; ?></strong> 1657 1657 <?php 1658 1658 $actions = array(); … … 2338 2338 if ( $currentcat != $category->term_id && $parent == $category->parent) { 2339 2339 $pad = str_repeat( '– ', $level ); 2340 $category->name = wp_specialchars( $category->name );2340 $category->name = esc_html( $category->name ); 2341 2341 echo "\n\t<option value='$category->term_id'"; 2342 2342 if ( $currentparent == $category->term_id ) … … 2628 2628 $current = ''; 2629 2629 2630 echo "\n\t<option class='level-$level' value='$item->ID'$current>$pad " . wp_specialchars($item->post_title) . "</option>";2630 echo "\n\t<option class='level-$level' value='$item->ID'$current>$pad " . 
esc_html($item->post_title) . "</option>"; 2631 2631 parent_dropdown( $default, $item->ID, $level +1 ); 2632 2632 }
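Review bot: The links built at new lines 1481 and 1497 still interpolate `$c->slug` straight into a single-quoted `href`, so the switch to `esc_html()` covers only the link text and not the attribute. Slugs are presumably sanitized when the term is saved, but output escaping should not depend on that; I would build the prefix as `"<a href='edit.php?category_name=" . esc_attr( $c->slug ) . "'> "` and do the same for the `tag=` link. The same gap shows at line 472, where `$category->term_id` goes into the `id` and `value` attributes unescaped while the template at line 564 casts it with `(int)`. The enclosing functions start and end outside the visible hunks, so any escaping done earlier on these values cannot be confirmed from here.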