Changeset 1940 for trunk/wp-admin/link-categories.php
- Timestamp:
- 12/12/2004 08:41:19 PM (20 years ago)
- File:
-
- 1 edited
trunk/wp-admin/link-categories.php
r1818 r1940 29 29 die (__("Cheatin' uh ?")); 30 30 31 $cat_name = addslashes($_POST['cat_name']);31 $cat_name = wp_specialchars($_POST['cat_name']); 32 32 $auto_toggle = $_POST['auto_toggle']; 33 33 if ($auto_toggle != 'Y') { … … 80 80 case 'Delete': 81 81 { 82 $cat_id = $_GET['cat_id'];82 $cat_id = (int) $_GET['cat_id']; 83 83 $cat_name=get_linkcatname($cat_id); 84 84 … … 98 98 { 99 99 include_once ('admin-header.php'); 100 $cat_id = $_GET['cat_id'];100 $cat_id = (int) $_GET['cat_id']; 101 101 $row = $wpdb->get_row("SELECT cat_id, cat_name, auto_toggle, show_images, show_description, " 102 102 . " show_rating, show_updated, sort_order, sort_desc, text_before_link, text_after_link, " … … 109 109 110 110 <div class="wrap"> 111 <h2>Edit “<?php echo htmlspecialchars($row->cat_name)?>” Category </h2>111 <h2>Edit “<?php echo wp_specialchars($row->cat_name)?>” Category </h2> 112 112 113 113 <form name="editcat" method="post"> … … 119 119 <tr> 120 120 <th width="33%" scope="row"><?php _e('Name:') ?></th> 121 <td width="67%"><input name="cat_name" type="text" value="<?php echo htmlspecialchars($row->cat_name)?>" size="30" /></td>121 <td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($row->cat_name)?>" size="30" /></td> 122 122 </tr> 123 123 <tr> … … 177 177 <tr> 178 178 <th width="33%" scope="row"><?php _e('Before Link:') ?></th> 179 <td width="67%"><input type="text" name="text_before_link" size="45" value="<?php echo htmlspecialchars($row->text_before_link)?>" /></td>179 <td width="67%"><input type="text" name="text_before_link" size="45" value="<?php echo wp_specialchars($row->text_before_link)?>" /></td> 180 180 </tr> 181 181 <tr> 182 182 <th scope="row"><?php _e('Between Link and Description:') ?></th> 183 <td><input type="text" name="text_after_link" size="45" value="<?php echo htmlspecialchars($row->text_after_link)?>" /></td>183 <td><input type="text" name="text_after_link" size="45" value="<?php echo 
wp_specialchars($row->text_after_link)?>" /></td> 184 184 </tr> 185 185 <tr> 186 186 <th scope="row"><?php _e('After Link:') ?></th> 187 <td><input type="text" name="text_after_all" size="45" value="<?php echo htmlspecialchars($row->text_after_all)?>"/></td>187 <td><input type="text" name="text_after_all" size="45" value="<?php echo wp_specialchars($row->text_after_all)?>"/></td> 188 188 </tr> 189 189 </table> … … 205 205 if (isset($submit)) { 206 206 207 $cat_id =$_POST["cat_id"];208 209 $cat_name= $_POST["cat_name"];207 $cat_id = (int)$_POST["cat_id"]; 208 209 $cat_name= wp_specialchars($_POST["cat_name"]); 210 210 $auto_toggle = $_POST["auto_toggle"]; 211 211 if ($auto_toggle != 'Y') { … … 311 311 ?> 312 312 <tr valign="middle" align="center" <?php echo $style ?> style="border-bottom: 1px dotted #9C9A9C;"> 313 <td><?php echo htmlspecialchars($row->cat_name)?></td>313 <td><?php echo wp_specialchars($row->cat_name)?></td> 314 314 <td ><?php echo $row->cat_id?></td> 315 315 <td><?php echo $row->auto_toggle?></td>
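Review bot: On new line 31 the `addslashes()` call is replaced by `wp_specialchars()`, which encodes for HTML and does not escape for SQL, so a quote in `cat_name` may now reach the query unescaped unless request data is slashed somewhere else; the statement that uses `$cat_name` lies outside the visible hunks, so this needs confirming. If nothing upstream slashes the input, keep the database escaping at that point, e.g. `$cat_name = addslashes(wp_specialchars($_POST['cat_name']));`, and apply the same check to new line 209, where the value had no escaping before either. Encoding on input also stores HTML entities in the database, and the echo sites then encode again on output, so it would be cleaner to store the raw name and encode only when printing. Separately, the `value="..."` attributes on new lines 121, 179, 183 and 187 previously relied on `htmlspecialchars()` encoding double quotes; if `wp_specialchars()` at this revision does not encode quotes by default, a `"` in a stored field would close the attribute, so either enable its quote handling or keep `htmlspecialchars()` for attribute values.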