Make WordPress Core


Ignore:
Timestamp:
05/23/2011 11:33:30 PM (11 years ago)
Author:
ryan
Message:

Validation fixes. Props ocean90, peaceablewhale. see #17364

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/class-wp-terms-list-table.php

    r17771 r18010  
    251251        $name = apply_filters( 'term_name', $pad . ' ' . $tag->name, $tag );
    252252        $qe_data = get_term( $tag->term_id, $taxonomy, OBJECT, 'edit' );
    253         $edit_link = get_edit_term_link( $tag->term_id, $taxonomy, $post_type );
     253        $edit_link = esc_url( get_edit_term_link( $tag->term_id, $taxonomy, $post_type ) );
    254254
    255255        $out = '<strong><a class="row-title" href="' . $edit_link . '" title="' . esc_attr( sprintf( __( 'Edit &#8220;%s&#8221;' ), $name ) ) . '">' . $name . '</a></strong><br />';
     
    270270        $out .= '<div class="name">' . $qe_data->name . '</div>';
    271271        $out .= '<div class="slug">' . apply_filters( 'editable_slug', $qe_data->slug ) . '</div>';
    272         $out .= '<div class="parent">' . $qe_data->parent . '</div></div></td>';
     272        $out .= '<div class="parent">' . $qe_data->parent . '</div></div>';
    273273
    274274        return $out;
     
    301301        $args['post_type'] = $post_type;
    302302
    303         return "<a href='" . add_query_arg( $args, 'edit.php' ) . "'>$count</a>";
     303        return "<a href='" . esc_url ( add_query_arg( $args, 'edit.php' ) ) . "'>$count</a>";
    304304    }
    305305
Note: See TracChangeset for help on using the changeset viewer.