Make WordPress Core

Changeset 4655


Ignore:
Timestamp:
12/21/2006 06:04:39 AM (18 years ago)
Author:
markjaquith
Message:

No need to backslash escape single quotes and line breaks when using js_escape()

Location:
trunk/wp-admin
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-comments.php

    r4649 r4655  
    157157if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
    158158    echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" .  __('Edit') . '</a>';
    159     echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
     159    echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
    160160    if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
    161161        echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
    162162        echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
    163163    }
    164     echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
     164    echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
    165165}
    166166$post = get_post($comment->comment_post_ID);
  • trunk/wp-admin/edit-page-form.php

    r4535 r4655  
    189189    $delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID );
    190190    if ( current_user_can('delete_page', $post->ID) ) ?>
    191         <input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page \'%s\'\\n  \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
     191        <input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page '%s'\n  'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
    192192<?php endif; ?>
    193193</div>
  • trunk/wp-admin/moderation.php

    r4535 r4655  
    136136<p><?php comment_date('M j, g:i A'); ?> &#8212; [ <?php
    137137echo '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';
    138 echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
     138echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
    139139<?php
    140140$post = get_post($comment->comment_post_ID);
Note: See TracChangeset for help on using the changeset viewer.