WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#17182 closed enhancement (fixed)

string cleanup in general-template

Reported by: niallkennedy Owned by: nacin
Milestone: 3.2 Priority: normal
Severity: minor Version:
Component: General Keywords: has-patch
Focuses: Cc:

Description

Some dynamic strings changed to static in general-template.

Also included an esc_html() of two strings passed in an args array to paginate_links(). The function recasts integer variables from the array just to be sure, and should probably escape HTML output from unknowns as well.

Attachments (1)

general-template.diff (4.4 KB) - added by niallkennedy 3 years ago.
general-template string cleanup

Download all attachments as: .zip

Change History (4)

niallkennedy3 years ago

general-template string cleanup

comment:1 scribu3 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

See #16474.

Feel free to re-open with only the part about extra escaping for paginate_links().

comment:2 nacin3 years ago

  • Owner set to nacin
  • Resolution changed from duplicate to fixed

In [17989]:

Code readability improvements. props niallkennedy, fixes #17166, #17182, #17231, #16474.

comment:3 nacin3 years ago

  • Milestone set to 3.2

I disagree about the escaping. Integers that are supposed to be integers are one thing -- but HTML into paginate_links() seems it may be desirable. Feel free to open a new ticket if I'm reading that wrong, as I may very well be.

Note: See TracTickets for help on using tickets.