Make WordPress Core

Changeset 32170


Ignore:
Timestamp:
04/20/2015 06:26:35 AM (9 years ago)
Author:
pento
Message:

Correctly escape theme version numbers when displaying them.

Props collinsinternet.

Location:
trunk/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/themes.php

    r32116 r32170  
    379379                    <span class="current-label"><?php _e( 'Current Theme' ); ?></span>
    380380                <# } #>
    381                 <h3 class="theme-name">{{{ data.name }}}<span class="theme-version"><?php printf( __( 'Version: %s' ), '{{{ data.version }}}' ); ?></span></h3>
     381                <h3 class="theme-name">{{{ data.name }}}<span class="theme-version"><?php printf( __( 'Version: %s' ), '{{ data.version }}' ); ?></span></h3>
    382382                <h4 class="theme-author"><?php printf( __( 'By %s' ), '{{{ data.authorAndUri }}}' ); ?></h4>
    383383
  • trunk/src/wp-includes/class-wp-theme.php

    r31188 r32170  
    637637                $value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
    638638                break;
     639            case 'Version' :
     640                $value = strip_tags( $value );
     641                break;
    639642        }
    640643
Note: See TracChangeset for help on using the changeset viewer.