Make WordPress Core

Changeset 14207


Ignore:
Timestamp:
04/23/2010 09:20:16 PM (15 years ago)
Author:
westi
Message:

Added escaping to wp_shortlink_wp_head() too. See #10640 props sirzooro.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/link-template.php

    r14141 r14207  
    22002200 */
    22012201function wp_shortlink_wp_head() {
    2202     $shortlink = wp_get_shortlink(0, 'query');
    2203 
    2204     if ( empty($shortlink) )
    2205         return;
    2206 
    2207     echo "<link rel='shortlink' href='" . $shortlink . "' />\n";
     2202    $shortlink = wp_get_shortlink( 0, 'query' );
     2203
     2204    if ( empty( $shortlink ) )
     2205        return;
     2206
     2207    echo "<link rel='shortlink' href='" . esc_attr( $shortlink ) . "' />\n";
    22082208}
    22092209
     
    22432243 * @param string $before Optional HTML to display after the link.
    22442244 */
    2245 function the_shortlink($text = '', $title = '', $before = '', $after = '') {
     2245function the_shortlink( $text = '', $title = '', $before = '', $after = '' ) {
    22462246    global $post;
    22472247
    2248     if ( empty($text) )
     2248    if ( empty( $text ) )
    22492249        $text = __('This is the short link.');
    22502250
    2251     if ( empty($title) )
    2252         $title = the_title_attribute( array('echo' => FALSE) );
    2253 
    2254     $shortlink = wp_get_shortlink($post->ID);
    2255 
    2256     if ( !empty($shortlink) )
    2257         echo "$before<a rel='shortlink' href='$shortlink' title='$title'>$text</a>$after";
     2251    if ( empty( $title ) )
     2252        $title = the_title_attribute( array( 'echo' => FALSE ) );
     2253
     2254    $shortlink = wp_get_shortlink( $post->ID );
     2255
     2256    if ( !empty( $shortlink ) ) {
     2257        $link = '<a rel="shortlink" href="' . esc_attr( $shortlink ) . '" title="' . $title . '">' . $text . '</a>';
     2258        $link = apply_filters( 'the_shortlink', $link, $shortlink, $text, $title );
     2259        echo $before, $link, $after;
     2260    }
    22582261}
    22592262
Note: See TracChangeset for help on using the changeset viewer.