WordPress.org

Make WordPress Core

Changeset 28787


Ignore:
Timestamp:
06/20/2014 05:28:12 PM (6 years ago)
Author:
wonderboymusic
Message:

Cleanup wp_widget_rss_form() after [28734]. "$$input used sanitized variables which contained actual values, unlike $inputs[$input] which in that context contains data about which input fields are hidden."

Props kovshenin.
Fixes #27881.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/default-widgets.php

    r28734 r28787  
    11091109    $inputs = wp_parse_args( $inputs, $default_inputs );
    11101110
    1111     $number = esc_attr( $args['number'] );
    1112     $title  = isset( $args['title'] ) ? esc_attr( $args['title'] ) : '';
    1113     $url    = isset( $args['url'] ) ? esc_url( $args['url'] ) : '';
    1114     $items  = isset( $args['items'] ) ? (int) $args['items'] : 0;
    1115     if ( $items < 1 || 20 < $items ) {
    1116         $items  = 10;
    1117     }
    1118     $show_summary   = isset( $args['show_summary'] ) ? (int) $args['show_summary'] : (int) $inputs['show_summary'];
    1119     $show_author    = isset( $args['show_author'] ) ? (int) $args['show_author'] : (int) $inputs['show_author'];
    1120     $show_date      = isset( $args['show_date'] ) ? (int) $args['show_date'] : (int) $inputs['show_date'];
     1111    $args['number'] = esc_attr( $args['number'] );
     1112    $args['title'] = isset( $args['title'] ) ? esc_attr( $args['title'] ) : '';
     1113    $args['url'] = isset( $args['url'] ) ? esc_url( $args['url'] ) : '';
     1114    $args['items'] = isset( $args['items'] ) ? (int) $args['items'] : 0;
     1115
     1116    if ( $args['items'] < 1 || 20 < $args['items'] ) {
     1117        $args['items'] = 10;
     1118    }
     1119
     1120    $args['show_summary']   = isset( $args['show_summary'] ) ? (int) $args['show_summary'] : (int) $inputs['show_summary'];
     1121    $args['show_author']    = isset( $args['show_author'] ) ? (int) $args['show_author'] : (int) $inputs['show_author'];
     1122    $args['show_date']      = isset( $args['show_date'] ) ? (int) $args['show_date'] : (int) $inputs['show_date'];
    11211123
    11221124    if ( ! empty( $args['error'] ) ) {
     
    11261128    if ( $inputs['url'] ) :
    11271129?>
    1128     <p><label for="rss-url-<?php echo $number; ?>"><?php _e('Enter the RSS feed URL here:'); ?></label>
    1129     <input class="widefat" id="rss-url-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][url]" type="text" value="<?php echo $url; ?>" /></p>
     1130    <p><label for="rss-url-<?php echo $args['number']; ?>"><?php _e( 'Enter the RSS feed URL here:' ); ?></label>
     1131    <input class="widefat" id="rss-url-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][url]" type="text" value="<?php echo $args['url']; ?>" /></p>
    11301132<?php endif; if ( $inputs['title'] ) : ?>
    1131     <p><label for="rss-title-<?php echo $number; ?>"><?php _e('Give the feed a title (optional):'); ?></label>
    1132     <input class="widefat" id="rss-title-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][title]" type="text" value="<?php echo $title; ?>" /></p>
     1133    <p><label for="rss-title-<?php echo $args['number']; ?>"><?php _e( 'Give the feed a title (optional):' ); ?></label>
     1134    <input class="widefat" id="rss-title-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][title]" type="text" value="<?php echo $args['title']; ?>" /></p>
    11331135<?php endif; if ( $inputs['items'] ) : ?>
    1134     <p><label for="rss-items-<?php echo $number; ?>"><?php _e('How many items would you like to display?'); ?></label>
    1135     <select id="rss-items-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][items]">
    1136 <?php
    1137         for ( $i = 1; $i <= 20; ++$i )
    1138             echo "<option value='$i' " . selected( $items, $i, false ) . ">$i</option>";
     1136    <p><label for="rss-items-<?php echo $args['number']; ?>"><?php _e( 'How many items would you like to display?' ); ?></label>
     1137    <select id="rss-items-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][items]">
     1138<?php
     1139        for ( $i = 1; $i <= 20; ++$i ) {
     1140            echo "<option value='$i' " . selected( $args['items'], $i, false ) . ">$i</option>";
     1141        }
    11391142?>
    11401143    </select></p>
    11411144<?php endif; if ( $inputs['show_summary'] ) : ?>
    1142     <p><input id="rss-show-summary-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_summary]" type="checkbox" value="1" <?php if ( $show_summary ) echo 'checked="checked"'; ?>/>
    1143     <label for="rss-show-summary-<?php echo $number; ?>"><?php _e('Display item content?'); ?></label></p>
     1145    <p><input id="rss-show-summary-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][show_summary]" type="checkbox" value="1" <?php checked( $args['show_summary'] ); ?> />
     1146    <label for="rss-show-summary-<?php echo $args['number']; ?>"><?php _e( 'Display item content?' ); ?></label></p>
    11441147<?php endif; if ( $inputs['show_author'] ) : ?>
    1145     <p><input id="rss-show-author-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_author]" type="checkbox" value="1" <?php if ( $show_author ) echo 'checked="checked"'; ?>/>
    1146     <label for="rss-show-author-<?php echo $number; ?>"><?php _e('Display item author if available?'); ?></label></p>
     1148    <p><input id="rss-show-author-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][show_author]" type="checkbox" value="1" <?php checked( $args['show_author'] ); ?> />
     1149    <label for="rss-show-author-<?php echo $args['number']; ?>"><?php _e( 'Display item author if available?' ); ?></label></p>
    11471150<?php endif; if ( $inputs['show_date'] ) : ?>
    1148     <p><input id="rss-show-date-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_date]" type="checkbox" value="1" <?php if ( $show_date ) echo 'checked="checked"'; ?>/>
    1149     <label for="rss-show-date-<?php echo $number; ?>"><?php _e('Display item date?'); ?></label></p>
     1151    <p><input id="rss-show-date-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][show_date]" type="checkbox" value="1" <?php checked( $args['show_date'] ); ?>/>
     1152    <label for="rss-show-date-<?php echo $args['number']; ?>"><?php _e( 'Display item date?' ); ?></label></p>
    11501153<?php
    11511154    endif;
     
    11541157            $id = str_replace( '_', '-', $input );
    11551158?>
    1156     <input type="hidden" id="rss-<?php echo $id; ?>-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][<?php echo $input; ?>]" value="<?php echo $inputs[ $input ]; ?>" />
     1159    <input type="hidden" id="rss-<?php echo $id; ?>-<?php echo $args['number']; ?>" name="widget-rss[<?php echo $args['number']; ?>][<?php echo $input; ?>]" value="<?php echo $args[ $input ]; ?>" />
    11571160<?php
    11581161        endif;
Note: See TracChangeset for help on using the changeset viewer.