WordPress.org

Make WordPress Core


Ignore:
Timestamp:
08/18/2009 04:05:07 PM (12 years ago)
Author:
ryan
Message:

Prophylactic escapes

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/media.php

    r11825 r11838  
    617617        return $content;
    618618
    619     if ( $id ) $id = 'id="' . $id . '" ';
    620 
    621     return '<div ' . $id . 'class="wp-caption ' . $align . '" style="width: ' . (10 + (int) $width) . 'px">'
     619    if ( $id ) $id = 'id="' . esc_attr($id) . '" ';
     620
     621    return '<div ' . $id . 'class="wp-caption ' . esc_attr($align) . '" style="width: ' . (10 + (int) $width) . 'px">'
    622622    . do_shortcode( $content ) . '<p class="wp-caption-text">' . $caption . '</p></div>';
    623623}
Note: See TracChangeset for help on using the changeset viewer.