WordPress.org

Make WordPress Core

Changeset 4535


Ignore:
Timestamp:
11/28/06 21:51:13 (7 years ago)
Author:
ryan
Message:

Use js_escape. Props nbachiyski. fixes #3399

Location:
trunk
Files:
15 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/cat-js.php

    r4187 r4535  
    99    if ( !jaxcat ) 
    1010        return false; 
    11     jaxcat.update('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="<?php _e('Add'); ?>"/><span id="howto"><?php _e('Separate multiple categories with commas.'); ?></span></span>'); 
     11    jaxcat.update('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="<?php echo js_escape(__('Add')); ?>"/><span id="howto"><?php js_escape(__('Separate multiple categories with commas.')); ?></span></span>'); 
    1212    $('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); }; 
    1313    $('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); }; 
  • trunk/wp-admin/comment.php

    r4480 r4535  
    1919 
    2020    if ( ! $comment = get_comment($comment) ) 
    21         wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)')); 
     21        wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'javascript:history.go(-1)')); 
    2222 
    2323    if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
     
    4141 
    4242    if ( ! $comment = get_comment($comment) ) 
    43         wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php')); 
     43        wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php')); 
    4444 
    4545    if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
     
    5050<div class="narrow"> 
    5151<?php if ( 'spam' == $_GET['dt'] ) { ?> 
    52 <p><?php _e('<strong>Caution:</strong> You are about to mark the following comment as spam:'); ?></p> 
     52<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to mark the following comment as spam:'); ?></p> 
    5353<?php } elseif ( 'cdc' == $action ) { ?> 
    54 <p><?php _e('<strong>Caution:</strong> You are about to delete the following comment:'); ?></p> 
     54<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to delete the following comment:'); ?></p> 
    5555<?php } else { ?> 
    56 <p><?php _e('<strong>Caution:</strong> You are about to approve the following comment:'); ?></p> 
     56<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to approve the following comment:'); ?></p> 
    5757<?php } ?> 
    5858 
     
    117117 
    118118    if ( ! $comment = get_comment($comment) ) 
    119              wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit-comments.php')); 
     119             wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit-comments.php')); 
    120120 
    121121    if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
     
    146146 
    147147    if ( ! $comment = get_comment($comment) ) 
    148         wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php')); 
     148        wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php')); 
    149149 
    150150    if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
     
    172172 
    173173    if ( ! $comment = get_comment($comment) ) 
    174         wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php')); 
     174        wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php')); 
    175175 
    176176    if ( !current_user_can('edit_post', $comment->comment_post_ID) ) 
  • trunk/wp-admin/dbx-admin-key-js.php

    r4495 r4535  
    3333        'yes',          // include open/close toggle buttons ['yes'|'no'] 
    3434        'closed',       // default state ['open'|'closed'] 
    35         'open',         // word for "open", as in "open this box" 
    36         'close',        // word for "close", as in "close this box" 
    37         'click-down and drag to move this box', // sentence for "move this box" by mouse 
    38         'click to %toggle% this box', // pattern-match sentence for "(open|close) this box" by mouse 
    39         'use the arrow keys to move this box', // sentence for "move this box" by keyboard 
    40         ', or press the enter key to %toggle% it',  // pattern-match sentence-fragment for "(open|close) this box" by keyboard 
     35        '<?php echo js_escape(__('open')); ?>',         // word for "open", as in "open this box" 
     36        '<?php echo js_escape(__('close')); ?>',        // word for "close", as in "close this box" 
     37        '<?php echo js_escape(__('click-down and drag to move this box')); ?>', // sentence for "move this box" by mouse 
     38        '<?php echo js_escape(__('click to %toggle% this box')); ?>', // pattern-match sentence for "(open|close) this box" by mouse 
     39        '<?php echo js_escape(__('use the arrow keys to move this box')); ?>', // sentence for "move this box" by keyboard 
     40        '<?php echo js_escape(__(', or press the enter key to %toggle% it')); ?>',  // pattern-match sentence-fragment for "(open|close) this box" by keyboard 
    4141        '%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts 
    4242        ); 
     
    5858        'yes',          // include open/close toggle buttons ['yes'|'no'] 
    5959        'closed',       // default state ['open'|'closed'] 
    60         'open',         // word for "open", as in "open this box" 
    61         'close',        // word for "close", as in "close this box" 
    62         'click-down and drag to move this box', // sentence for "move this box" by mouse 
    63         'click to %toggle% this box', // pattern-match sentence for "(open|close) this box" by mouse 
    64         'use the arrow keys to move this box', // sentence for "move this box" by keyboard 
    65         ', or press the enter key to %toggle% it',  // pattern-match sentence-fragment for "(open|close) this box" by keyboard 
     60        '<?php echo js_escape(__('open')); ?>',         // word for "open", as in "open this box" 
     61        '<?php echo js_escape(__('close')); ?>',        // word for "close", as in "close this box" 
     62        '<?php echo js_escape(__('click-down and drag to move this box')); ?>', // sentence for "move this box" by mouse 
     63        '<?php echo js_escape(__('click to %toggle% this box')); ?>', // pattern-match sentence for "(open|close) this box" by mouse 
     64        '<?php echo js_escape(__('use the arrow keys to move this box')); ?>', // sentence for "move this box" by keyboard 
     65        '<?php echo js_escape(__(', or press the enter key to %toggle% it')); ?>',  // pattern-match sentence-fragment for "(open|close) this box" by keyboard 
    6666        '%mytitle%  [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts 
    6767        ); 
  • trunk/wp-admin/edit-comments.php

    r4495 r4535  
    158158if ( current_user_can('edit_post', $comment->comment_post_ID) ) { 
    159159    echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>'; 
    160     echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; 
     160    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> '; 
    161161    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) { 
    162162        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>'; 
    163163        echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>'; 
    164164    } 
    165     echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), js_escape( $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> "; 
     165    echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> "; 
    166166} 
    167167$post = get_post($comment->comment_post_ID); 
     
    224224    echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" .  __('Edit') . "</a>"; } ?></td> 
    225225    <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { 
    226         echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape( $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> "; 
     226        echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author ))  . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> "; 
    227227        } ?></td> 
    228228  </tr> 
     
    230230        } // end foreach 
    231231    ?></table> 
    232 <p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php _e("Please select some comments to delete"); ?>'); return false } return confirm('<?php printf(__("You are about to delete %s comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete."), "' + numchecked + '"); ?>')" /> 
    233             <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="return confirm('<?php _e("You are about to mark these comments as spam \\n  \'Cancel\' to stop, \'OK\' to mark as spam.") ?>')" /></p> 
     232<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo js_escape(sprintf(__("You are about to delete %s comments permanently \\n  \'Cancel\' to stop, \'OK\' to delete.")), "' + numchecked + '"); ?>')" /> 
     233            <input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="return confirm('<?php echo js_escape(__("You are about to mark these comments as spam \\n  \'Cancel\' to stop, \'OK\' to mark as spam.")); ?>')" /></p> 
    234234  </form> 
    235235<div id="ajax-response"></div> 
  • trunk/wp-admin/edit-form-advanced.php

    r4495 r4535  
    245245 
    246246<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?> 
    247 <input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> 
     247<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this post \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> 
    248248<?php endif; ?> 
    249249 
  • trunk/wp-admin/edit-page-form.php

    r4495 r4535  
    189189    $delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID ); 
    190190    if ( current_user_can('delete_page', $post->ID) ) ?> 
    191         <input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> 
     191        <input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> /> 
    192192<?php endif; ?> 
    193193</div> 
  • trunk/wp-admin/import/blogger.php

    r4495 r4535  
    1111        $welcome = __('Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress blog.'); 
    1212        $noiframes = __('This feature requires iframe support.'); 
    13         $warning = __('This will delete everything saved by the Blogger importer except your posts and comments. Are you sure you want to do this?'); 
     13        $warning = js_escape(__('This will delete everything saved by the Blogger importer except your posts and comments. Are you sure you want to do this?')); 
    1414        $reset = __('Reset this importer'); 
    1515        $incompat = __('Your web server is not properly configured to use this importer. Please enable the CURL extension for PHP and then reload this page.'); 
  • trunk/wp-admin/link-add.php

    r4499 r4535  
    3030<h3><?php _e('Add Link Bookmarklet'); ?></h3> 
    3131<p><?php _e('Right click on the following link and choose "Bookmark This Link..." to create an add link shortcut. Right now this only works on Mozilla or Netscape, but we’re working on it.'); ?></p> 
    32 <?php printf(__('<p><a href="%s" title="Link add bookmarklet">Link This</a></p>'), "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?> 
     32<?php printf('<p><a href="%s" title="'.__('Link add bookmarklet').'">'.__('Link This').'</a></p>'), "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?> 
    3333</div> 
    3434 
  • trunk/wp-admin/link-manager.php

    r4499 r4535  
    162162 
    163163        echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>'; 
    164         echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; link to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($link->link_name), js_escape($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>'; 
     164        echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the &quot;%s&quot; link to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>'; 
    165165        echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>'; 
    166166        echo "\n    </tr>\n"; 
     
    172172<div id="ajax-response"></div> 
    173173 
    174 <p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links') ?> &raquo;" onclick="return confirm('<?php _e("You are about to delete these links permanently \\n  \'Cancel\' to stop, \'OK\' to delete.") ?>')" /></p> 
     174<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links') ?> &raquo;" onclick="return confirm('<?php echo js_escape(__("You are about to delete these links permanently \\n  \'Cancel\' to stop, \'OK\' to delete.")); ?>')" /></p> 
    175175</form> 
    176176</div> 
  • trunk/wp-admin/moderation.php

    r4495 r4535  
    136136<p><?php comment_date('M j, g:i A'); ?> &#8212; [ <?php 
    137137echo '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'">' . __('Edit') . '</a> | '; 
    138 echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?> 
     138echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?> 
    139139<?php 
    140140$post = get_post($comment->comment_post_ID); 
  • trunk/wp-admin/upload-js.php

    r4510 r4535  
    9898            h += "<table>"; 
    9999            if ( this.currentImage.thumb ) { 
    100                 h += "<tr><th style='padding-bottom:.5em'><?php echo addslashes(__('Show:')); ?></th><td style='padding-bottom:.5em'>"; 
    101                 h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo addslashes(__('Thumbnail')); ?></label><br />"; 
    102                 h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo addslashes(__('Full size')); ?></label>"; 
     100                h += "<tr><th style='padding-bottom:.5em'><?php echo js_escape(__('Show:')); ?></th><td style='padding-bottom:.5em'>"; 
     101                h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo js_escape(__('Thumbnail')); ?></label><br />"; 
     102                h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo js_escape(__('Full size')); ?></label>"; 
    103103                h += "</td></tr>"; 
    104104            } 
    105105 
    106             h += "<tr><th><?php echo addslashes(__('Link to:')); ?></th><td>"; 
    107             h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo addslashes(__('File')); ?></label><br />"; 
    108             h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo addslashes(__('Page')); ?></label><br />"; 
    109             h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo addslashes(__('None')); ?></label>"; 
     106            h += "<tr><th><?php echo js_escape(__('Link to:')); ?></th><td>"; 
     107            h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo js_escape(__('File')); ?></label><br />"; 
     108            h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo js_escape(__('Page')); ?></label><br />"; 
     109            h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo js_escape(__('None')); ?></label>"; 
    110110            h += "</td></tr>"; 
    111111 
    112112            h += "<tr><td colspan='2'><p class='submit'>"; 
    113             h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo addslashes(__('Send to editor')); ?> &raquo;' />"; 
     113            h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo js_escape(__('Send to editor &raquo;')); ?>' />"; 
    114114            h += "</p></td></tr></table>"; 
    115115            h += "</form>"; 
     
    135135                params.ID = ''; 
    136136                params.action = ''; 
    137                 h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "'  title='Browse your files' class='back'>&laquo; Back</a>"; 
    138             } else { 
    139                 h += "<a href='#' onclick='return theFileList.cancelView();'  title='Browse your files' class='back'>&laquo; Back</a>"; 
     137                h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "'  title='<?php echo js_escape(__('Browse your files')); ?>' class='back'>&laquo;  <?php echo js_escape(__('Back')); ?></a>"; 
     138            } else { 
     139                h += "<a href='#' onclick='return theFileList.cancelView();'  title='<?php echo js_escape(__('Browse your files')); ?>' class='back'>&laquo; <?php echo js_escape(__('Back')); ?></a>"; 
    140140            } 
    141141            h += "<div id='file-title'>" 
    142142            if ( !this.currentImage.isImage ) 
    143                 h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='Direct link to file'>" + this.currentImage.title + "</a></h2>"; 
     143                h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo js_escape(__('Direct link to file')); ?>'>" + this.currentImage.title + "</a></h2>"; 
    144144            else 
    145145                h += "<h2>" + this.currentImage.title + "</h2>"; 
    146146            h += " &#8212; <span>"; 
    147             h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'>Insert</a>" 
     147            h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'><?php js_escape(__('Insert')); ?></a>" 
    148148            h += "</span>"; 
    149149            h += '</div>' 
    150150            h += "<div id='upload-file-view' class='alignleft'>"; 
    151151            if ( this.currentImage.isImage ) { 
    152                 h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='Direct link to file'>"; 
     152                h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo js_escape(__('Direct link to file')); ?>'>"; 
    153153                h += "<img src='" + ( this.currentImage.thumb ? this.currentImage.thumb : this.currentImage.src ) + "' alt='" + this.currentImage.title + "' width='" + this.currentImage.width + "' height='" + this.currentImage.height + "' />"; 
    154154                h += "</a>"; 
     
    159159 
    160160            h += "<table><col /><col class='widefat' /><tr>" 
    161             h += "<th scope='row'><label for='url'>URL</label></th>"; 
     161            h += "<th scope='row'><label for='url'><?php echo js_escape(__('URL')); ?></label></th>"; 
    162162            h += "<td><input type='text' id='url' class='readonly' value='" + this.currentImage.srcBase + this.currentImage.src + "' readonly='readonly' /></td>"; 
    163163            h += "</tr><tr>"; 
    164             h += "<th scope='row'><label for='post_title'>Title</label></th>"; 
     164            h += "<th scope='row'><label for='post_title'><?php echo js_escape(__('Title')); ?></label></th>"; 
    165165            h += "<td><input type='text' id='post_title' name='post_title' value='" + this.currentImage.title + "' /></td>"; 
    166166            h += "</tr><tr>"; 
    167             h += "<th scope='row'><label for='post_content'>Description</label></th>"; 
     167            h += "<th scope='row'><label for='post_content'><?php echo js_escape(__('Description')); ?></label></th>"; 
    168168            h += "<td><textarea name='post_content' id='post_content'>" + this.currentImage.description + "</textarea></td>"; 
    169             h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='Delete File' onclick='theFileList.deleteFile(" + id + ");' />"; 
     169            h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='<?php echo js_escape(__('Delete File')); ?>' onclick='theFileList.deleteFile(" + id + ");' />"; 
    170170            h += "<input type='hidden' name='from_tab' value='" + this.tab + "' />"; 
    171171            h += "<input type='hidden' name='action' id='action-value' value='save' />"; 
    172172            h += "<input type='hidden' name='ID' value='" + id + "' />"; 
    173173            h += "<input type='hidden' name='_wpnonce' value='" + this.nonce + "' />"; 
    174             h += "<div class='submit'><input type='submit' value='Save &raquo;' /></div>"; 
     174            h += "<div class='submit'><input type='submit' value='<?php echo js_escape(__('Save &raquo;')); ?>' /></div>"; 
    175175            h += "</td></tr></table></form>"; 
    176176 
  • trunk/wp-includes/bookmark-template.php

    r4527 r4535  
    108108        if ( $show_updated ) 
    109109            if (substr($row->link_updated_f, 0, 2) != '00') 
    110                 $title .= ' (Last updated ' . date(get_option('links_updated_date_format'), $row->link_updated_f + (get_option('gmt_offset') * 3600)) . ')'; 
     110                $title .= ' ('.__('Last updated') . ' ' . date(get_option('links_updated_date_format'), $row->link_updated_f + (get_option('gmt_offset') * 3600)) . ')'; 
    111111 
    112112        if ( '' != $title ) 
  • trunk/wp-includes/js/autosave.js.php

    r4512 r4535  
    3939     
    4040    if(isNaN(res)) { 
    41         message = "<?php _e('Error: '); ?>" + response; 
     41        message = "<?php js_escape(__('Error: ')); ?>" + response; 
    4242    } else { 
    43         message = "<?php _e('Saved at '); ?>" + autosave_cur_time(); 
     43        message = "<?php js_escape(__('Saved at ')); ?>" + autosave_cur_time(); 
    4444        $('post_ID').name = "post_ID"; 
    4545        $('post_ID').value = res; 
     
    6161 
    6262function autosave_loading() { 
    63     $('autosave').innerHTML = "<?php _e('Saving Draft...'); ?>"; 
     63    $('autosave').innerHTML = "<?php js_escape(__('Saving Draft...')); ?>"; 
    6464} 
    6565 
     
    7070     
    7171    if(isNaN(res)) { 
    72         message = "<?php _e('Error: '); ?>" + response; 
     72        message = "<?php js_escape(__('Error: ')); ?>" + response; 
    7373    } else { 
    74         message = "<?php _e('Saved at '); ?>" + autosave_cur_time() + "."; 
     74        message = "<?php js_escape(__('Saved at ')); ?>" + autosave_cur_time() + "."; 
    7575    } 
    7676    $('autosave').innerHTML = message; 
  • trunk/wp-includes/js/list-manipulation-js.php

    r4458 r4535  
    11<?php @require_once('../../wp-config.php'); cache_javascript_headers(); ?> 
    22addLoadEvent(function(){theList=new listMan();}); 
    3 function deleteSomething(what,id,message,obj){if(!obj)obj=theList;if(!message)message="<?php printf(__('Are you sure you want to delete this %s?'),"'+what+'"); ?>";if(confirm(message))return obj.ajaxDelete(what,id);else return false;} 
     3function deleteSomething(what,id,message,obj){if(!obj)obj=theList;if(!message)message="<?php printf(js_escape(__('Are you sure you want to delete this %s?')),"'+what+'"); ?>";if(confirm(message))return obj.ajaxDelete(what,id);else return false;} 
    44function dimSomething(what,id,dimClass,obj){if(!obj)obj=theList;return obj.ajaxDimmer(what,id,dimClass);} 
    55 
     
    4848                        tempObj.showLink = id; 
    4949                }); 
    50                 ajaxAdd.myResponseElement.update(tempObj.showLink ? ( "<div id='jumplink' class='updated fade'><p><a href='#" + what + '-' + tempObj.showLink + "'><?php _e('Jump to new item'); ?></a></p></div>" ) : ''); 
     50                ajaxAdd.myResponseElement.update(tempObj.showLink ? ( "<div id='jumplink' class='updated fade'><p><a href='#" + what + '-' + tempObj.showLink + "'><?php js_escape(__('Jump to new item')); ?></a></p></div>" ) : ''); 
    5151            } 
    5252            if ( tempObj.addComplete && typeof tempObj.addComplete == 'function' ) 
  • trunk/wp-includes/js/wp-ajax-js.php

    r4458 r4535  
    8282        wpBeforeUnload = window.onbeforeunload; 
    8383        window.onbeforeunload = function() { 
    84             return "<?php _e("Slow down, I'm still sending your data!"); ?>"; 
     84            return "<?php js_escape(__("Slow down, I'm still sending your data!")); ?>"; 
    8585        } 
    8686    }, 
Note: See TracChangeset for help on using the changeset viewer.