Changeset 14374 for trunk/wp-admin/includes/template.php

Timestamp:

05/03/2010 06:16:22 PM (16 years ago)

Author:

ryan

Message:

Revert [14347] and [14372]. It broke more than we expected. Try again in 3.1. see #13051

File:

• trunk/wp-admin/includes/template.php (modified) (8 diffs)

trunk/wp-admin/includes/template.php

@@ -66 +66 @@
         <?php $update_text = sprintf( __('Update %s'), $tax->singular_label ); ?>
         <a accesskey="s" href="#inline-edit" title="<?php echo esc_attr( $update_text ); ?>" class="save button-primary alignright"><?php echo $update_text; ?></a>
-        <img class="waiting" style="display:none;" src="<?php echo admin_url( 'images/wpspin_light.gif' ); ?>" alt="" />
+        <img class="waiting" style="display:none;" src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" alt="" />
         <span class="error" style="display:none;"></span>
         <?php wp_nonce_field( 'taxinlineeditnonce', '_inline_edit', false ); ?>
@@ -614 +614 @@
     $post_status = !empty($_REQUEST['post_status']) ? $_REQUEST['post_status'] : 'all';
     if ( !in_array( $post_status, array('pending', 'draft', 'future') ) && ( empty($post_type) || post_type_supports($post_type, 'comments') ) )
-        $posts_columns['comments'] = '<div class="vers"><img alt="Comments" src="' . admin_url( 'images/comment-grey-bubble.png' ) . '" /></div>';
+        $posts_columns['comments'] = '<div class="vers"><img alt="Comments" src="' . esc_url( admin_url( 'images/comment-grey-bubble.png' ) ) . '" /></div>';
     $posts_columns['date'] = __('Date');
 
@@ -644 +644 @@
     /* translators: column name */
     $posts_columns['parent'] = _x('Attached to', 'column name');
-    $posts_columns['comments'] = '<div class="vers"><img alt="Comments" src="' . admin_url( 'images/comment-grey-bubble.png' ) . '" /></div>';
+    $posts_columns['comments'] = '<div class="vers"><img alt="Comments" src="' . esc_url( admin_url( 'images/comment-grey-bubble.png' ) ) . '" /></div>';
     //$posts_columns['comments'] = __('Comments');
     /* translators: column name */
@@ -1154 +1154 @@
             ?>
             <a accesskey="s" href="#inline-edit" title="<?php _e('Update'); ?>" class="button-primary save alignright"><?php echo esc_attr( $update_text ); ?></a>
-            <img class="waiting" style="display:none;" src="<?php echo admin_url( 'images/wpspin_light.gif' ); ?>" alt="" />
+            <img class="waiting" style="display:none;" src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" alt="" />
         <?php } else {
             $update_text = __( 'Update' );
@@ -1819 +1819 @@
             $edit_link = 'profile.php';
         } else {
-            $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ) );
+            $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" ) );
         }
         $edit = "<strong><a href=\"$edit_link\">$user_object->user_login</a></strong><br />";
@@ -2013 +2013 @@
     $user_can = current_user_can($post_type_object->edit_cap, $post->ID);
 
-    $comment_url = get_comment_link($comment->comment_ID);
+    $comment_url = esc_url(get_comment_link($comment->comment_ID));
     $author_url = get_comment_author_url();
     if ( 'http://' == $author_url )
@@ -2069 +2069 @@
                 if ( $comment->comment_parent ) {
                     $parent = get_comment( $comment->comment_parent );
-                    $parent_link = get_comment_link( $comment->comment_parent );
+                    $parent_link = esc_url( get_comment_link( $comment->comment_parent ) );
                     $name = apply_filters( 'get_comment_author', $parent->comment_author ); // there's no API function for this
                     printf( ' | '.__( 'In reply to <a href="%1$s">%2$s</a>.' ), $parent_link, $name );
@@ -2276 +2276 @@
     <span id="savebtn" style="display:none;"><?php _e('Update Comment'); ?></span>
     <span id="replybtn" style="display:none;"><?php _e('Submit Reply'); ?></span></a>
-    <img class="waiting" style="display:none;" src="<?php echo admin_url( 'images/wpspin_light.gif' ); ?>" alt="" />
+    <img class="waiting" style="display:none;" src="<?php echo esc_url( admin_url( 'images/wpspin_light.gif' ) ); ?>" alt="" />
     <span class="error" style="display:none;"></span>
     <br class="clear" />