
Changeset 5998


Timestamp:
08/31/2007 11:55:56 PM (18 years ago)
Author:
ryan
Message:

Add some filtering. Props jhodgdon. see #4516

Location:
trunk
Files:
5 edited

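--- a/trunk/wp-admin/includes/template.php
+++ b/trunk/wp-admin/includes/template.php
@@ -287,5 +287,5 @@
     echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author))  . "', theCommentList );\">" . __('Spam') . "</a> ";
 }
-$post = get_post($comment->comment_post_ID);
+$post = get_post($comment->comment_post_ID, OBJECT, 'display');
 $post_title = wp_specialchars( $post->post_title, 'double' );
 $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;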
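Review bot: At new line 289 the post is fetched in the 'display' context, yet `$post->post_title` is still passed through `wp_specialchars( ..., 'double' )` on line 290, and nothing visible here says which of the two steps is responsible for HTML-escaping the title. If the display filters already encode entities, the title could presumably be encoded twice; if they do not, line 290 is the only escaping and must not be dropped later as redundant. A one-line comment would settle it, e.g. `// 'display' applies the title filters; HTML-escaping is done by wp_specialchars() below`, once confirmed against get_post()'s filter handling. The enclosing function starts and ends outside this hunk.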
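--- a/trunk/wp-admin/options-writing.php
+++ b/trunk/wp-admin/options-writing.php
@@ -34,4 +34,5 @@
 $categories = get_categories('get=all');
 foreach ($categories as $category) :
+$category = sanitize_category($category);
 if ($category->term_id == get_option('default_category')) $selected = " selected='selected'";
 else $selected = '';
@@ -45,6 +46,7 @@
 <td><select name="default_link_category" id="default_link_category">
 <?php
-$categories = get_terms('link_category', 'get=all');
-foreach ($categories as $category) :
+$link_categories = get_terms('link_category', 'get=all');
+foreach ($link_categories as $category) :
+$category = sanitize_term($category, 'link_category');
 if ($category->term_id == get_option('default_link_category')) $selected = " selected='selected'";
 else $selected = '';
@@ -84,4 +86,5 @@
 //Alreay have $categories from default_category
 foreach ($categories as $category) :
+$category = sanitize_category($category);
 if ($category->cat_ID == get_option('default_email_category')) $selected = " selected='selected'";
 else $selected = '';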
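Review bot: The loop at new line 87 reuses `$categories` from the first loop and calls `sanitize_category($category)` on each element a second time at line 88, so every category is run through the display filters twice if sanitize_term() modifies the object it is handed (its body is not part of this file, and PHP 5 passes objects by handle). Repeated display filtering can double-encode names before they are printed into the select lists. Sanitising once where the list is built, e.g. `$categories = array_map('sanitize_category', get_categories('get=all'));`, and dropping the per-iteration calls at lines 36 and 88 would avoid that. The same loop still compares `$category->cat_ID` where the first loop uses `$category->term_id`; one spelling would be easier to audit.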
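--- a/trunk/wp-includes/category.php
+++ b/trunk/wp-includes/category.php
@@ -118,4 +118,12 @@
 }
 
+function sanitize_category($category, $context = 'display') {
+    return sanitize_term($category, 'category', $context);
+}
+
+function sanitize_category_field($field, $value, $cat_id, $context) {
+    return sanitize_term_field($field, $value, $cat_id, 'category', $context);
+}
+
 // Tags
 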
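Review bot: Both new helpers at lines 120-126 are added without a doc comment, and `sanitize_category_field()` requires `$context` while `sanitize_category()` defaults it to `'display'`. Callers need to know which context values are accepted and whether `'display'` output is safe to echo into HTML or still needs escaping at the output point; neither is stated here. I would add a short docblock to each naming the parameters, the accepted contexts as defined by sanitize_term() and sanitize_term_field(), and the return value. Unless the difference is deliberate, the signatures should also agree: `function sanitize_category_field($field, $value, $cat_id, $context = 'display') {`.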
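--- a/trunk/wp-includes/general-template.php
+++ b/trunk/wp-includes/general-template.php
@@ -61,17 +61,5 @@
 
 function bloginfo($show='') {
-    $info = get_bloginfo($show);
-
-    // Don't filter URL's.
-    if (strpos($show, 'url') === false &&
-        strpos($show, 'directory') === false &&
-        strpos($show, 'home') === false) {
-        $info = apply_filters('bloginfo', $info, $show);
-        $info = convert_chars($info);
-    } else {
-        $info = apply_filters('bloginfo_url', $info, $show);
-    }
-
-    echo $info;
+    echo get_bloginfo($show, 'display');
 }
 
@@ -82,5 +70,5 @@
  * to get the information.
  */
-function get_bloginfo($show='') {
+function get_bloginfo($show = '', $filter = 'raw') {
 
     switch($show) {
@@ -154,4 +142,18 @@
             break;
     }
+
+    $url = true;
+    if (strpos($show, 'url') === false &&
+        strpos($show, 'directory') === false &&
+        strpos($show, 'home') === false)
+        $url = false;
+           
+    if ( 'display' == $filter ) {
+        if ( $url )
+            $output = apply_filters('bloginfo_url', $output, $show);
+        else
+            $output = apply_filters('bloginfo', $output, $show);
+    }
+
     return $output;
 }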
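Review bot: The rewritten `bloginfo()` no longer passes non-URL values through `convert_chars()`: the old body called it after the `bloginfo` filter, while the new `'display'` branch in `get_bloginfo()` (lines 151-156) only applies the filters. Unless `convert_chars` is registered on the `bloginfo` filter somewhere outside this changeset, what templates echo changes silently. Separately, `$filter` defaults to `'raw'` and any value other than `'display'` is treated as raw without complaint, so existing `get_bloginfo()` callers keep receiving unfiltered values and stay responsible for escaping before output; the function's doc comment should say so. The URL test is a substring match on `$show` (`'url'`, `'directory'`, `'home'`), which deserves a comment such as `// any $show containing these substrings is treated as a URL and skips the text filters`. The `switch` that sets `$output` lies outside the hunks shown, and line 150 carries trailing whitespace.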
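--- a/trunk/wp-login.php
+++ b/trunk/wp-login.php
@@ -151,7 +151,7 @@
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display' )); ?></a></li>
 <?php else : ?>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display' )); ?></a></li>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
 <?php endif; ?>
@@ -273,5 +273,5 @@
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
 </ul>
 
@@ -366,11 +366,11 @@
 <ul>
 <?php if ( in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
 <?php elseif (get_option('users_can_register')) : ?>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
 <?php else : ?>
-    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
+    <li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
     <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
 <?php endif; ?>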
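Review bot: The blog title is printed into the page body by `printf(__('Back to %s'), get_bloginfo('title', 'display'))` with no explicit escaping at the call site, at line 153 and at the five other changed lines (155, 275, 368, 372, 374). As far as this changeset shows, the `'display'` path applies the `bloginfo` filters and nothing else, so whether the title is HTML-encoded depends entirely on what is hooked to that filter. If encoding is not guaranteed there, escaping at the output point, e.g. `wp_specialchars( get_bloginfo('title', 'display') )`, makes the protection local and auditable on the login page. The six copies also differ in spacing (`'display' )` on 153 and 155, `'display')` elsewhere).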