Changeset 5589 for branches/2.2/wp-admin/edit-page-form.php
- Timestamp:
- 05/29/2007 04:37:35 AM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.2/wp-admin/edit-page-form.php
r5159 r5589 3 3 <h2 id="write-post"><?php _e('Write Page'); ?></h2> 4 4 <?php 5 5 6 if (0 == $post_ID) { 6 7 $form_action = 'post'; … … 9 10 $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />"; 10 11 } else { 12 $post_ID = (int) $post_ID; 11 13 $form_action = 'editpost'; 12 14 $nonce_action = 'update-page_' . $post_ID; 13 15 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />"; 14 16 } 17 18 $temp_ID = (int) $temp_ID; 19 $user_ID = (int) $user_ID; 15 20 16 21 $sendto = clean_url(stripslashes(wp_get_referer())); … … 69 74 <fieldset id="passworddiv" class="dbx-box"> 70 75 <h3 class="dbx-handle"><?php _e('Page Password') ?></h3> 71 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password?>" /></div>76 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape( $post->post_password ); ?>" /></div> 72 77 </fieldset> 73 78 … … 94 99 <fieldset id="slugdiv" class="dbx-box"> 95 100 <h3 class="dbx-handle"><?php _e('Page Slug') ?></h3> 96 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name?>" /></div>101 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /></div> 97 102 </fieldset> 98 103 … … 107 112 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; 108 113 else $selected = ''; 114 $o->ID = (int) $o->ID; 115 $o->display_name = wp_specialchars( $o->display_name ); 109 116 echo "<option value='$o->ID' $selected>$o->display_name</option>"; 110 117 endforeach; … … 127 134 <fieldset id="titlediv"> 128 135 <legend><?php _e('Page Title') ?></legend> 129 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>136 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( $post->post_title ); ?>" id="title" /></div> 130 137 </fieldset> 131 138
Note: See TracChangeset
for help on using the changeset viewer.