Make WordPress Core

Changeset 8853


Ignore:
Timestamp:
09/09/2008 07:08:22 PM (16 years ago)
Author:
markjaquith
Message:

Put aria-required in the proper place, and use htmlspecialchars for sanitizing textarea output. Props Mike Schinkel

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/media.php

    r8827 r8853  
    879879            $item .= $field[$field['input']];
    880880        elseif ( $field['input'] == 'textarea' ) {
    881             $item .= "<textarea type='text' id='$name' name='$name'>" . attribute_escape( $field['value'] ) . $aria_required . "</textarea>";
     881            $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . htmlspecialchars( $field['value'] ) . "</textarea>";
    882882        } else {
    883883            $item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";
Note: See TracChangeset for help on using the changeset viewer.