WordPress.org

Make WordPress Core

Changeset 17001


Ignore:
Timestamp:
12/16/10 17:48:20 (3 years ago)
Author:
ryan
Message:

Remove some unnecessary esc_textarea() calls. Props garyc40. see #15454

Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-tag-form.php

    r16431 r17001  
    6262        <tr class="form-field"> 
    6363            <th scope="row" valign="top"><label for="description"><?php _ex('Description', 'Taxonomy Description'); ?></label></th> 
    64             <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo esc_textarea( $tag->description ); ?></textarea><br /> 
     64            <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $tag->description; // already escaped ?></textarea><br /> 
    6565            <span class="description"><?php _e('The description is not prominent by default, however some themes may show it.'); ?></span></td> 
    6666        </tr> 
  • trunk/wp-admin/includes/media.php

    r16900 r17001  
    13441344            $item .= $field[ $field['input'] ]; 
    13451345        elseif ( $field['input'] == 'textarea' ) { 
    1346             $item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . esc_textarea( $field['value'] ) . '</textarea>'; 
     1346            if ( user_can_richedit() ) { // already escaped when user_can_richedit() = false 
     1347                $field['value'] = esc_textarea( $field['value'] ); 
     1348            } 
     1349            $item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . $field['value'] . '</textarea>'; 
    13471350        } else { 
    13481351            $item .= "<input type='text' class='text' id='$name' name='$name' value='" . esc_attr( $field['value'] ) . "' $aria_required />"; 
  • trunk/wp-admin/includes/meta-boxes.php

    r16969 r17001  
    289289    <div class="nojs-tags hide-if-js"> 
    290290    <p><?php echo $taxonomy->labels->add_or_remove_items; ?></p> 
    291     <textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo esc_textarea( get_terms_to_edit( $post->ID, $tax_name ) ); ?></textarea></div> 
     291    <textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo get_terms_to_edit( $post->ID, $tax_name ); // escaped by esc_attr() ?></textarea></div> 
    292292    <?php if ( current_user_can($taxonomy->cap->assign_terms) ) : ?> 
    293293    <div class="ajaxtag hide-if-no-js"> 
     
    893893    <tr class="form-field"> 
    894894        <th valign="top"  scope="row"><label for="link_notes"><?php _e('Notes') ?></label></th> 
    895         <td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo esc_textarea( ( isset( $link->link_notes ) ? $link->link_notes : '') ); ?></textarea></td> 
     895        <td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : ''); // escaped ?></textarea></td> 
    896896    </tr> 
    897897    <tr class="form-field"> 
  • trunk/wp-includes/formatting.php

    r16993 r17001  
    11271127    $content = apply_filters('format_to_edit', $content); 
    11281128    if (! $richedit ) 
    1129         $content = htmlspecialchars($content); 
     1129        $content = esc_textarea($content); 
    11301130    return $content; 
    11311131} 
Note: See TracChangeset for help on using the changeset viewer.