WordPress.org

Make WordPress Core

Changeset 13553


Ignore:
Timestamp:
03/02/2010 06:36:49 PM (8 years ago)
Author:
nacin
Message:

Add id argument to wp_dropdown_users() and wp_dropdown_categories(). props johnbillion. Ensure we're escaping name and id in wp_dropdown_users(). fixes #12132

Location:
trunk/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/category-template.php

    r13268 r13553  
    315315 *     'depth' (int) - The max depth.
    316316 *     'tab_index' (int) - Tab index for select element.
    317  *     'name' (string) - The name attribute value for selected element.
    318  *     'class' (string) - The class attribute value for selected element.
     317 *     'name' (string) - The name attribute value for select element.
     318 *     'id' (string) - The ID attribute value for select element. Defaults to name if omitted.
     319 *     'class' (string) - The class attribute value for select element.
    319320 *     'selected' (int) - Which category ID is selected.
    320321 *
     
    337338        'exclude' => '', 'echo' => 1,
    338339        'selected' => 0, 'hierarchical' => 0,
    339         'name' => 'cat', 'class' => 'postform',
    340         'depth' => 0, 'tab_index' => 0,
    341         'taxonomy' => 'category', 'hide_if_empty' => false
     340        'name' => 'cat', 'id' => '',
     341        'class' => 'postform', 'depth' => 0,
     342        'tab_index' => 0, 'taxonomy' => 'category',
     343        'hide_if_empty' => false
    342344    );
    343345
     
    358360
    359361    $categories = get_terms( $taxonomy, $r );
    360     $name = esc_attr($name);
    361     $class = esc_attr($class);
     362    $name = esc_attr( $name );
     363    $class = esc_attr( $class );
     364    $id = $id ? esc_attr( $id ) : $name;
    362365
    363366    if ( ! $r['hide_if_empty'] || ! empty($categories) )
    364         $output = "<select name='$name' id='$name' class='$class' $tab_index_attribute>\n";
     367        $output = "<select name='$name' id='$id' class='$class' $tab_index_attribute>\n";
    365368    else
    366369        $output = '';
  • trunk/wp-includes/user.php

    r13551 r13553  
    404404 * <li>include - User IDs to include.</li>
    405405 * <li>exclude - User IDs to exclude.</li>
    406  * <li>multi - Default is 'false'. Whether to skip the ID attribute on the 'select' element.</li>
     406 * <li>multi - Default is 'false'. Whether to skip the ID attribute on the 'select' element. A 'true' value is overridden when id argument is set.</li>
    407407 * <li>show - Default is 'display_name'. User table column to display. If the selected item is empty then the user_login will be displayed in parentesis</li>
    408408 * <li>echo - Default is '1'. Whether to display or retrieve content.</li>
    409409 * <li>selected - Which User ID is selected.</li>
    410410 * <li>name - Default is 'user'. Name attribute of select element.</li>
     411 * <li>id - Default is the value of the 'name' parameter. ID attribute of select element.</li>
    411412 * <li>class - Class attribute of select element.</li>
    412413 * <li>blog_id - ID of blog (Multisite only). Defaults to ID of current blog.</li>
     
    427428        'show' => 'display_name', 'echo' => 1,
    428429        'selected' => 0, 'name' => 'user', 'class' => '', 'blog_id' => $GLOBALS['blog_id'],
     430        'id' => '',
    429431    );
    430432
     
    460462    $output = '';
    461463    if ( !empty($users) ) {
    462         $id = $multi ? "" : "id='$name'";
    463 
    464         $output = "<select name='$name' $id class='$class'>\n";
     464        $name = esc_attr( $name );
     465        if ( $multi && ! $id )
     466            $id = '';
     467        else
     468            $id = $id ? " id='" . esc_attr( $id ) . "'" : "id='$name'";
     469
     470        $output = "<select name='{$name}'{$id} class='$class'>\n";
    465471
    466472        if ( $show_option_all )
Note: See TracChangeset for help on using the changeset viewer.