Changeset 17146

Timestamp:

12/25/2010 10:45:09 PM (12 years ago)

Author:

ryan

Message:

link_notes and term_description escaping fixes. Props garyc40. fixes #15454

Location:

trunk/wp-includes

Files:

• bookmark.php (modified) (1 diff)
• taxonomy.php (modified) (1 diff)

trunk/wp-includes/bookmark.php

@@ -335 +335 @@
 
     if ( 'edit' == $context ) {
-        $format_to_edit = array('link_notes');
         $value = apply_filters("edit_$field", $value, $bookmark_id);
 
-        if ( in_array($field, $format_to_edit) ) {
-            $value = format_to_edit($value);
+        if ( 'link_notes' == $field ) {
+            $value = esc_html( $value ); // textarea_escaped
         } else {
             $value = esc_attr($value);

trunk/wp-includes/taxonomy.php

@@ -1522 +1522 @@
         $value = apply_filters("edit_{$taxonomy}_{$field}", $value, $term_id);
         if ( 'description' == $field )
-            $value = format_to_edit($value);
+            $value = esc_html($value); // textarea_escaped
         else
             $value = esc_attr($value);