Make WordPress Core


Ignore:
Timestamp:
11/17/2010 05:12:01 PM (14 years ago)
Author:
markjaquith
Message:

esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/network/settings.php

    r16406 r16431  
    122122                    $limited_email_domains = str_replace( ' ', "\n", $limited_email_domains ); ?>
    123123                    <textarea name="limited_email_domains" id="limited_email_domains" cols="45" rows="5">
    124 <?php echo wp_htmledit_pre( $limited_email_domains == '' ? '' : implode( "\n", (array) $limited_email_domains ) ); ?></textarea>
     124<?php echo esc_textarea( $limited_email_domains == '' ? '' : implode( "\n", (array) $limited_email_domains ) ); ?></textarea>
    125125                    <br />
    126126                    <?php _e( 'If you want to limit site registrations to certain domains. One domain per line.' ) ?>
     
    132132                <td>
    133133                    <textarea name="banned_email_domains" id="banned_email_domains" cols="45" rows="5">
    134 <?php echo wp_htmledit_pre( get_site_option( 'banned_email_domains' ) == '' ? '' : implode( "\n", (array) get_site_option( 'banned_email_domains' ) ) ); ?></textarea>
     134<?php echo esc_textarea( get_site_option( 'banned_email_domains' ) == '' ? '' : implode( "\n", (array) get_site_option( 'banned_email_domains' ) ) ); ?></textarea>
    135135                    <br />
    136136                    <?php _e( 'If you want to ban domains from site registrations. One domain per line.' ) ?>
     
    146146                <td>
    147147                    <textarea name="welcome_email" id="welcome_email" rows="5" cols="45" class="large-text">
    148 <?php echo wp_htmledit_pre( stripslashes( get_site_option( 'welcome_email' ) ) ) ?></textarea>
     148<?php echo esc_textarea( stripslashes( get_site_option( 'welcome_email' ) ) ) ?></textarea>
    149149                    <br />
    150150                    <?php _e( 'The welcome email sent to new site owners.' ) ?>
     
    155155                <td>
    156156                    <textarea name="welcome_user_email" id="welcome_user_email" rows="5" cols="45" class="large-text">
    157 <?php echo wp_htmledit_pre( stripslashes( get_site_option( 'welcome_user_email' ) ) ) ?></textarea>
     157<?php echo esc_textarea( stripslashes( get_site_option( 'welcome_user_email' ) ) ) ?></textarea>
    158158                    <br />
    159159                    <?php _e( 'The welcome email sent to new users.' ) ?>
     
    164164                <td>
    165165                    <textarea name="first_post" id="first_post" rows="5" cols="45" class="large-text">
    166 <?php echo wp_htmledit_pre( stripslashes( get_site_option( 'first_post' ) ) ) ?></textarea>
     166<?php echo esc_textarea( stripslashes( get_site_option( 'first_post' ) ) ) ?></textarea>
    167167                    <br />
    168168                    <?php _e( 'The first post on a new site.' ) ?>
     
    173173                <td>
    174174                    <textarea name="first_page" id="first_page" rows="5" cols="45" class="large-text">
    175 <?php echo wp_htmledit_pre( stripslashes( get_site_option('first_page') ) ) ?></textarea>
     175<?php echo esc_textarea( stripslashes( get_site_option('first_page') ) ) ?></textarea>
    176176                    <br />
    177177                    <?php _e( 'The first page on a new site.' ) ?>
     
    182182                <td>
    183183                    <textarea name="first_comment" id="first_comment" rows="5" cols="45" class="large-text">
    184 <?php echo wp_htmledit_pre( stripslashes( get_site_option('first_comment') ) ) ?></textarea>
     184<?php echo esc_textarea( stripslashes( get_site_option('first_comment') ) ) ?></textarea>
    185185                    <br />
    186186                    <?php _e( 'The first comment on a new site.' ) ?>
Note: See TracChangeset for help on using the changeset viewer.