Opened 9 years ago
Closed 8 years ago
#2358 closed defect (bug) (duplicate)
Transform HTML Special Chars in comment-functions.php:comments_popup_link()
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | low | |
| Severity: | minor | Version: | 2.0 |
| Component: | General | Keywords: | validation bg|has-patch |
| Focuses: | Cc: |
Description
Because the post title may contain some html special chars, I recommend that use htmlspecialchars() in comments_popup_link() to make the page validated. Thx.
--- comment-functions.php.old Sun Jan 29 23:17:21 2006
+++ comment-functions.php Sun Jan 29 23:08:08 2006
@@ -310,7 +310,7 @@
if (!empty($CSSclass)) {
echo ' class="'.$CSSclass.'"';
}
- echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">';
+ echo ' title="' . sprintf( __('Comment on %s'), htmlspecialchars($post->post_title) ) .'">';
comments_number($zero, $one, $more, $number);
echo '</a>';
}
Change History (2)
Note: See
TracTickets for help on using
tickets.
[3874] [3995]
#2625 #2915
Fixed.