WordPress.org

Make WordPress Core


Ignore:
Timestamp:
05/02/2010 10:53:59 PM (12 years ago)
Author:
ryan
Message:

Escape links by default. Props alexkingorg. see #13051

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/meta-boxes.php

    r14315 r14347  
    3838<?php
    3939if ( 'publish' == $post->post_status ) {
    40     $preview_link = esc_url(get_permalink($post->ID));
     40    $preview_link = get_permalink($post->ID);
    4141    $preview_button = __('Preview Changes');
    4242} else {
    43     $preview_link = esc_url(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID))));
     43    $preview_link = apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)));
    4444    $preview_button = __('Preview');
    4545}
     
    205205
    206206<div id="publishing-action">
    207 <img src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" id="ajax-loading" style="visibility:hidden;" alt="" />
     207<img src="<?php echo admin_url( 'images/wpspin_light.gif' ); ?>" id="ajax-loading" style="visibility:hidden;" alt="" />
    208208<?php
    209209if ( !in_array( $post->post_status, array('publish', 'future', 'private') ) || 0 == $post->ID ) {
     
    452452<tbody id="the-comment-list" class="list:comment"></tbody>
    453453</table>
    454 <p class="hide-if-no-js"><a href="#commentstatusdiv" id="show-comments" onclick="commentsBox.get(<?php echo $total; ?>);return false;"><?php _e('Show comments'); ?></a> <img class="waiting" style="display:none;" src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" alt="" /></p>
     454<p class="hide-if-no-js"><a href="#commentstatusdiv" id="show-comments" onclick="commentsBox.get(<?php echo $total; ?>);return false;"><?php _e('Show comments'); ?></a> <img class="waiting" style="display:none;" src="<?php echo admin_url( 'images/wpspin_light.gif' ); ?>" alt="" /></p>
    455455<?php
    456456    $hidden = get_hidden_meta_boxes('post');
Note: See TracChangeset for help on using the changeset viewer.