Changeset 11838
- Timestamp:
- 08/18/2009 04:05:07 PM (15 years ago)
- Location:
- trunk/wp-includes
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/author-template.php
r11450 r11838 133 133 function the_author_link() { 134 134 if ( get_the_author_meta('url') ) { 135 echo '<a href="' . get_the_author_meta('url') . '" title="' . sprintf(__("Visit %s’s website"), get_the_author()) . '" rel="external">' . get_the_author() . '</a>';135 echo '<a href="' . get_the_author_meta('url') . '" title="' . esc_attr( sprintf(__("Visit %s’s website"), get_the_author()) ) . '" rel="external">' . get_the_author() . '</a>'; 136 136 } else { 137 137 the_author(); … … 182 182 '<a href="%1$s" title="%2$s">%3$s</a>', 183 183 get_author_posts_url( $authordata->ID, $authordata->user_nicename ), 184 sprintf( __( 'Posts by %s' ), esc_attr(get_the_author() ) ),184 esc_attr( sprintf( __( 'Posts by %s' ), get_the_author() ) ), 185 185 get_the_author() 186 186 ); … … 293 293 $link = $name; 294 294 } else { 295 $link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), esc_attr($author->display_name)) . '">' . $name . '</a>';295 $link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . esc_attr( sprintf(__("Posts by %s"), $author->display_name) ) . '">' . $name . '</a>'; 296 296 297 297 if ( (! empty($feed_image)) || (! empty($feed)) ) { … … 302 302 303 303 if ( !empty($feed) ) { 304 $title = ' title="' . $feed. '"';305 $alt = ' alt="' . $feed. '"';304 $title = ' title="' . esc_attr($feed) . '"'; 305 $alt = ' alt="' . esc_attr($feed) . '"'; 306 306 $name = $feed; 307 307 $link .= $title; … … 311 311 312 312 if ( !empty($feed_image) ) 313 $link .= "<img src=\" $feed_image\" style=\"border: none;\"$alt$title" . ' />';313 $link .= "<img src=\"" . esc_url($feed_image) . "\" style=\"border: none;\"$alt$title" . ' />'; 314 314 else 315 315 $link .= $name; -
trunk/wp-includes/bookmark-template.php
r11383 r11838 91 91 $rel = $bookmark->link_rel; 92 92 if ( '' != $rel ) 93 $rel = ' rel="' . $rel. '"';93 $rel = ' rel="' . esc_attr($rel) . '"'; 94 94 95 95 $target = $bookmark->link_target; -
trunk/wp-includes/category-template.php
r11744 r11838 69 69 70 70 if ( $link ) 71 $chain .= '<a href="' . get_category_link( $parent->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $parent->cat_name) . '">'.$name.'</a>' . $separator;71 $chain .= '<a href="' . get_category_link( $parent->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $parent->cat_name ) ) . '">'.$name.'</a>' . $separator; 72 72 else 73 73 $chain .= $name.$separator; … … 191 191 if ( $category->parent ) 192 192 $thelist .= get_category_parents( $category->parent, true, $separator ); 193 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>' . $category->name.'</a></li>';193 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>' . $category->name.'</a></li>'; 194 194 break; 195 195 case 'single': 196 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>';196 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>'; 197 197 if ( $category->parent ) 198 198 $thelist .= get_category_parents( $category->parent, false, $separator ); … … 201 201 case '': 202 202 default: 203 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>' . $category->cat_name.'</a></li>';203 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>' . $category->cat_name.'</a></li>'; 204 204 } 205 205 } … … 214 214 if ( $category->parent ) 215 215 $thelist .= get_category_parents( $category->parent, true, $separator ); 216 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>' . $category->cat_name.'</a>';216 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>' . $category->cat_name.'</a>'; 217 217 break; 218 218 case 'single': 219 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>';219 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>'; 220 220 if ( $category->parent ) 221 221 $thelist .= get_category_parents( $category->parent, false, $separator ); … … 224 224 case '': 225 225 default: 226 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . sprintf( __( "View all posts in %s" ), $category->name) . '" ' . $rel . '>' . $category->name.'</a>';226 $thelist .= '<a href="' . get_category_link( $category->term_id ) . '" title="' . esc_attr( sprintf( __( "View all posts in %s" ), $category->name ) ) . '" ' . $rel . '>' . $category->name.'</a>'; 227 227 } 228 228 ++$i; … … 353 353 354 354 $categories = get_categories( $r ); 355 $name = esc_attr($name); 356 $class = esc_attr($class); 355 357 356 358 $output = ''; -
trunk/wp-includes/comment-template.php
r11724 r11838 338 338 $classes = array_merge($classes, $class); 339 339 } 340 341 $classes = array_map('esc_attr', $classes); 340 342 341 343 return apply_filters('comment_class', $classes, $class, $comment_id, $post_id); … … 941 943 942 944 if ( 0 == $number && !comments_open() && !pings_open() ) { 943 echo '<span' . ((!empty($css_class)) ? ' class="' . $css_class. '"' : '') . '>' . $none . '</span>';945 echo '<span' . ((!empty($css_class)) ? ' class="' . esc_attr( $css_class ) . '"' : '') . '>' . $none . '</span>'; 944 946 return; 945 947 } … … 973 975 echo apply_filters( 'comments_popup_link_attributes', '' ); 974 976 975 echo ' title="' . sprintf( __('Comment on %s'), $title) . '">';977 echo ' title="' . esc_attr( sprintf( __('Comment on %s'), $title ) ) . '">'; 976 978 comments_number( $zero, $one, $more, $number ); 977 979 echo '</a>'; -
trunk/wp-includes/general-template.php
r11548 r11838 1024 1024 /* translators: Calendar caption: 1: month name, 2: 4-digit year */ 1025 1025 $calendar_caption = _x('%1$s %2$s', 'calendar caption'); 1026 echo '<table id="wp-calendar" summary="' . __('Calendar') . '">1026 echo '<table id="wp-calendar" summary="' . esc_attr__('Calendar') . '"> 1027 1027 <caption>' . sprintf($calendar_caption, $wp_locale->get_month($thismonth), date('Y', $unixmonth)) . '</caption> 1028 1028 <thead> … … 1037 1037 foreach ( $myweek as $wd ) { 1038 1038 $day_name = (true == $initial) ? $wp_locale->get_weekday_initial($wd) : $wp_locale->get_weekday_abbrev($wd); 1039 $wd = esc_attr($wd); 1039 1040 echo "\n\t\t<th abbr=\"$wd\" scope=\"col\" title=\"$wd\">$day_name</th>"; 1040 1041 } … … 1059 1060 if ( $next ) { 1060 1061 echo "\n\t\t".'<td abbr="' . $wp_locale->get_month($next->month) . '" colspan="3" id="next"><a href="' . 1061 get_month_link($next->year, $next->month) . '" title="' . sprintf(__('View posts for %1$s %2$s'), $wp_locale->get_month($next->month),1062 date('Y', mktime(0, 0 , 0, $next->month, 1, $next->year))) . '">' . $wp_locale->get_month_abbrev($wp_locale->get_month($next->month)) . ' »</a></td>';1062 get_month_link($next->year, $next->month) . '" title="' . esc_attr( sprintf(__('View posts for %1$s %2$s'), $wp_locale->get_month($next->month) , 1063 date('Y', mktime(0, 0 , 0, $next->month, 1, $next->year))) ) . '">' . $wp_locale->get_month_abbrev($wp_locale->get_month($next->month)) . ' »</a></td>'; 1063 1064 } else { 1064 1065 echo "\n\t\t".'<td colspan="3" id="next" class="pad"> </td>'; … … 1117 1118 $pad = calendar_week_mod(date('w', $unixmonth)-$week_begins); 1118 1119 if ( 0 != $pad ) 1119 echo "\n\t\t".'<td colspan="'. $pad.'" class="pad"> </td>';1120 echo "\n\t\t".'<td colspan="'. esc_attr($pad) .'" class="pad"> </td>'; 1120 1121 1121 1122 $daysinmonth = intval(date('t', $unixmonth)); … … 1131 1132 1132 1133 if ( in_array($day, $daywithpost) ) // any posts today? 1133 echo '<a href="' . get_day_link($thisyear, $thismonth, $day) . "\" title=\" $ak_titles_for_day[$day]\">$day</a>";1134 echo '<a href="' . get_day_link($thisyear, $thismonth, $day) . "\" title=\"" . esc_attr($ak_titles_for_day[$day]) . "\">$day</a>"; 1134 1135 else 1135 1136 echo $day; … … 1142 1143 $pad = 7 - calendar_week_mod(date('w', mktime(0, 0 , 0, $thismonth, $day, $thisyear))-$week_begins); 1143 1144 if ( $pad != 0 && $pad != 7 ) 1144 echo "\n\t\t".'<td class="pad" colspan="'. $pad.'"> </td>';1145 echo "\n\t\t".'<td class="pad" colspan="'. esc_attr($pad) .'"> </td>'; 1145 1146 1146 1147 echo "\n\t</tr>\n\t</tbody>\n\t</table>"; -
trunk/wp-includes/media.php
r11825 r11838 617 617 return $content; 618 618 619 if ( $id ) $id = 'id="' . $id. '" ';620 621 return '<div ' . $id . 'class="wp-caption ' . $align. '" style="width: ' . (10 + (int) $width) . 'px">'619 if ( $id ) $id = 'id="' . esc_attr($id) . '" '; 620 621 return '<div ' . $id . 'class="wp-caption ' . esc_attr($align) . '" style="width: ' . (10 + (int) $width) . 'px">' 622 622 . do_shortcode( $content ) . '<p class="wp-caption-text">' . $caption . '</p></div>'; 623 623 } -
trunk/wp-includes/post-template.php
r11642 r11838 342 342 $classes = array_merge($classes, $class); 343 343 } 344 345 $classes = array_map('esc_attr', $classes); 344 346 345 347 return apply_filters('post_class', $classes, $class, $post_id); … … 478 480 $classes = array_merge($classes, $class); 479 481 } 482 483 $classes = array_map('esc_attr', $classes); 480 484 481 485 return apply_filters('body_class', $classes, $class); … … 707 711 $pages = get_pages($r); 708 712 $output = ''; 713 $name = esc_attr($name); 709 714 710 715 if ( ! empty($pages) ) { … … 843 848 $menu = '<ul>' . $menu . '</ul>'; 844 849 845 $menu = '<div class="' . $args['menu_class']. '">' . $menu . "</div>\n";850 $menu = '<div class="' . esc_attr($args['menu_class']) . '">' . $menu . "</div>\n"; 846 851 $menu = apply_filters( 'wp_page_menu', $menu, $args ); 847 852 if ( $args['echo'] )
Note: See TracChangeset
for help on using the changeset viewer.