Make WordPress Core

Changeset 13105


Ignore:
Timestamp:
02/13/2010 09:59:16 AM (15 years ago)
Author:
dd32
Message:

Remove Direct SQL, Use new esc_html() function, Correct the case of the ID keys. See #9015

Location:
trunk/wp-content/themes/twentyten
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-content/themes/twentyten/attachment.php

    r13029 r13105  
    66<?php the_post(); ?>
    77
    8                 <p class="page-title"><a href="<?php echo get_permalink($post->post_parent) ?>" title="<?php printf( esc_attr__( 'Return to %s', 'twentyten' ), wp_specialchars( get_the_title($post->post_parent), 1 ) ) ?>" rel="gallery">&larr; <?php echo get_the_title($post->post_parent) ?></a></p>
     8                <p class="page-title"><a href="<?php echo get_permalink($post->post_parent) ?>" title="<?php printf( esc_attr__( 'Return to %s', 'twentyten' ), esc_html( get_the_title($post->post_parent), 1 ) ) ?>" rel="gallery">&larr; <?php echo get_the_title($post->post_parent) ?></a></p>
    99
    1010                <div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
     
    2222                    <div class="entry-content">
    2323                        <div class="entry-attachment">
    24 <?php if ( wp_attachment_is_image( $post->id ) ) : $att_image = wp_get_attachment_image_src( $post->id, array(640,640)); ?>
    25                         <p class="attachment"><a href="<?php echo wp_get_attachment_url($post->id); ?>" title="<?php echo esc_attr( get_the_title() ); ?>" rel="attachment"><img src="<?php echo $att_image[0];?>" width="<?php echo $att_image[1];?>" height="<?php echo $att_image[2];?>"  class="attachment-medium" alt="<?php $post->post_excerpt; ?>" /></a>
     24<?php if ( wp_attachment_is_image( $post->ID ) ) : $att_image = wp_get_attachment_image_src( $post->ID,  array(640, 640)); ?>
     25                        <p class="attachment"><a href="<?php echo wp_get_attachment_url($post->ID); ?>" title="<?php echo esc_attr( get_the_title() ); ?>" rel="attachment"><img src="<?php echo $att_image[0];?>" width="<?php echo $att_image[1];?>" height="<?php echo $att_image[2];?>"  class="attachment-medium" alt="<?php $post->post_excerpt; ?>" /></a>
    2626                        </p>
    2727
     
    4848                        get_permalink(),
    4949                        the_title_attribute('echo=0'),
    50                         comments_rss() ) ?>
     50                        get_post_comments_feed_link() ) ?>
    5151
    5252<?php if ( comments_open() && pings_open() ) : // Comments and trackbacks open ?>
  • trunk/wp-content/themes/twentyten/header.php

    r13059 r13105  
    66        elseif ( is_home() || is_front_page() ) { bloginfo('name'); print ' | '; bloginfo('description'); get_page_number(); }
    77        elseif ( is_page() ) { single_post_title(''); print ' | '; bloginfo('name'); }
    8         elseif ( is_search() ) { print 'Search results for ' . wp_specialchars($s); get_page_number(); print ' | '; bloginfo('name'); }
     8        elseif ( is_search() ) { print 'Search results for ' . esc_html($s); get_page_number(); print ' | '; bloginfo('name'); }
    99        elseif ( is_404() ) { print 'Not Found | '; bloginfo('name'); }
    1010        else { bloginfo('name'); wp_title('|'); get_page_number(); }
     
    2121    <?php wp_head(); ?>
    2222
    23     <link rel="alternate" type="application/rss+xml" href="<?php bloginfo('rss2_url'); ?>" title="<?php printf( esc_attr__( '%s latest posts', 'twentyten' ), wp_specialchars( get_bloginfo('name'), 1 ) ); ?>" />
    24     <link rel="alternate" type="application/rss+xml" href="<?php bloginfo('comments_rss2_url') ?>" title="<?php printf( esc_attr__( '%s latest comments', 'twentyten' ), wp_specialchars( get_bloginfo('name'), 1 ) ); ?>" />
     23    <link rel="alternate" type="application/rss+xml" href="<?php bloginfo('rss2_url'); ?>" title="<?php printf( esc_attr__( '%s latest posts', 'twentyten' ), esc_html( get_bloginfo('name') ) ); ?>" />
     24    <link rel="alternate" type="application/rss+xml" href="<?php bloginfo('comments_rss2_url') ?>" title="<?php printf( esc_attr__( '%s latest comments', 'twentyten' ), esc_html( get_bloginfo('name') ) ); ?>" />
    2525    <link rel="pingback" href="<?php bloginfo('pingback_url'); ?>" />
    2626</head>
  • trunk/wp-content/themes/twentyten/index.php

    r13060 r13105  
    2525
    2626            <div class="entry-content">
    27                 <div class="gallery-thumb"><a class="size-thumbnail" href="<?php permalink_link() ?>"><?php $hilite = $wpdb->get_var( "SELECT ID FROM $wpdb->posts WHERE post_parent = '$post->ID' AND post_type = 'attachment' LIMIT 1" ); echo wp_get_attachment_image( $hilite, 'thumbnail' );?></a></div>
    28 
    29                 <p><em><?php printf( __('This gallery contains <a %1$s>%2$s photos</a>.', 'twentyten'), 'href="' . get_permalink() . '" title="' . sprintf( esc_attr__('Permalink to %s', 'twentyten'), the_title_attribute('echo=0') ) . '" rel="bookmark"', $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->posts WHERE post_parent = '$post->ID' AND post_type = 'attachment'" )); ?></em></p>
     27                <div class="gallery-thumb"><a class="size-thumbnail" href="<?php permalink_link() ?>"><?php
     28                $images =& get_children( array('post_parent' => $post->ID, 'post_type' => 'attachment', 'post_mime_type' => 'image', 'orderby' => 'menu_order', 'order' => 'ASC', 'numberposts' => 999) );
     29                $total_images = count($images);
     30                $image = array_shift($images);
     31                echo wp_get_attachment_image( $image->ID, 'thumbnail' );
     32                ?></a></div>
     33                <p><em><?php printf( __('This gallery contains <a %1$s>%2$s photos</a>.', 'twentyten'), 'href="' . get_permalink() . '" title="' . sprintf( esc_attr__('Permalink to %s', 'twentyten'), the_title_attribute('echo=0') ) . '" rel="bookmark"', $total_images ); ?></em></p>
    3034
    3135                <?php the_excerpt(''); ?>
Note: See TracChangeset for help on using the changeset viewer.