Changeset 11383 for trunk/wp-includes/default-widgets.php
- Timestamp:
- 05/18/2009 04:00:33 PM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/default-widgets.php
r11380 r11383 660 660 <ul id="recentcomments"><?php 661 661 if ( $comments ) : foreach ( (array) $comments as $comment) : 662 echo '<li class="recentcomments">' . /* translators: comments widget: 1: comment author, 2: post link */ sprintf(_x('%1$s on %2$s', 'widgets'), get_comment_author_link(), '<a href="' . clean_url( get_comment_link($comment->comment_ID) ) . '">' . get_the_title($comment->comment_post_ID) . '</a>') . '</li>';662 echo '<li class="recentcomments">' . /* translators: comments widget: 1: comment author, 2: post link */ sprintf(_x('%1$s on %2$s', 'widgets'), get_comment_author_link(), '<a href="' . esc_url( get_comment_link($comment->comment_ID) ) . '">' . get_the_title($comment->comment_post_ID) . '</a>') . '</li>'; 663 663 endforeach; endif;?></ul> 664 664 <?php echo $after_widget; ?> … … 731 731 if ( empty($title) ) 732 732 $title = htmlentities(strip_tags($rss->get_title())); 733 $link = clean_url(strip_tags($rss->get_permalink()));733 $link = esc_url(strip_tags($rss->get_permalink())); 734 734 while ( stristr($link, 'http') != $link ) 735 735 $link = substr($link, 1); … … 740 740 741 741 $title = apply_filters('widget_title', $title ); 742 $url = clean_url(strip_tags($url));742 $url = esc_url(strip_tags($url)); 743 743 $icon = includes_url('images/rss.png'); 744 744 if ( $title ) … … 814 814 while ( stristr($link, 'http') != $link ) 815 815 $link = substr($link, 1); 816 $link = clean_url(strip_tags($link));816 $link = esc_url(strip_tags($link)); 817 817 $title = esc_attr(strip_tags($item->get_title())); 818 818 if ( empty($title) ) … … 880 880 $number = esc_attr( $number ); 881 881 $title = esc_attr( $title ); 882 $url = clean_url( $url );882 $url = esc_url( $url ); 883 883 $items = (int) $items; 884 884 if ( $items < 1 || 20 < $items ) … … 959 959 if ( $items < 1 || 20 < $items ) 960 960 $items = 10; 961 $url = sanitize_url(strip_tags( $widget_rss['url'] ));961 $url = esc_url_raw(strip_tags( $widget_rss['url'] )); 962 962 $title = trim(strip_tags( $widget_rss['title'] )); 963 963 $show_summary = (int) $widget_rss['show_summary']; … … 972 972 $error = $rss->get_error_message(); 973 973 } else { 974 $link = clean_url(strip_tags($rss->get_permalink()));974 $link = esc_url(strip_tags($rss->get_permalink())); 975 975 while ( stristr($link, 'http') != $link ) 976 976 $link = substr($link, 1);
Note: See TracChangeset
for help on using the changeset viewer.