Changeset 31262

Timestamp:

01/21/2015 09:05:29 PM (10 years ago)

Author:

lancewillett

Message:

Twenty Twelve: more fixes for escaping and minor code style issues. See #29127.

Location:

trunk/src/wp-content/themes/twentytwelve

Files:

• header.php (modified) (1 diff)
• inc/custom-header.php (modified) (1 diff)

trunk/src/wp-content/themes/twentytwelve/header.php

@@ -47 +47 @@
 
         <?php if ( get_header_image() ) : ?>
-        <a href="<?php echo esc_url( home_url( '/' ) ); ?>"><img src="<?php header_image(); ?>" class="header-image" width="<?php echo get_custom_header()->width; ?>" height="<?php echo get_custom_header()->height; ?>" alt="<?php echo esc_attr( get_bloginfo( 'name', 'display' ) ); ?>" /></a>
+        <a href="<?php echo esc_url( home_url( '/' ) ); ?>"><img src="<?php header_image(); ?>" class="header-image" width="<?php echo esc_attr( get_custom_header()->width ); ?>" height="<?php echo esc_attr( get_custom_header()->height ); ?>" alt="<?php echo esc_attr( get_bloginfo( 'name', 'display' ) ); ?>" /></a>
         <?php endif; ?>
     </header><!-- #masthead -->

trunk/src/wp-content/themes/twentytwelve/inc/custom-header.php

@@ -148 +148 @@
  */
 function twentytwelve_admin_header_image() {
+    $style = 'color: #' . get_header_textcolor() . ';';
+    if ( ! display_header_text() ) {
+        $style = 'display: none;';
+    }
     ?>
     <div id="headimg">
-        <?php
-        if ( ! display_header_text() )
-            $style = ' style="display:none;"';
-        else
-            $style = ' style="color:#' . get_header_textcolor() . ';"';
-        ?>
-        <h1 class="displaying-header-text"><a id="name"<?php echo $style; ?> onclick="return false;" href="<?php echo esc_url( home_url( '/' ) ); ?>"  tabindex="-1"><?php bloginfo( 'name' ); ?></a></h1>
-        <h2 id="desc" class="displaying-header-text"<?php echo $style; ?>><?php bloginfo( 'description' ); ?></h2>
+        <h1 class="displaying-header-text"><a id="name" style="<?php echo esc_attr( $style ); ?>" onclick="return false;" href="<?php echo esc_url( home_url( '/' ) ); ?>"><?php bloginfo( 'name' ); ?></a></h1>
+        <h2 id="desc" class="displaying-header-text" style="<?php echo esc_attr( $style ); ?>"><?php bloginfo( 'description' ); ?></h2>
         <?php $header_image = get_header_image();
         if ( ! empty( $header_image ) ) : ?>
-            <img src="<?php echo esc_url( $header_image ); ?>" class="header-image" width="<?php echo get_custom_header()->width; ?>" height="<?php echo get_custom_header()->height; ?>" alt="" />
+            <img src="<?php echo esc_url( $header_image ); ?>" class="header-image" width="<?php echo esc_attr( get_custom_header()->width ); ?>" height="<?php echo esc_attr( get_custom_header()->height ); ?>" alt="" />
         <?php endif; ?>
     </div>