Opened 19 years ago
Closed 19 years ago
#2358 closed defect (bug) (duplicate)
Transform HTML Special Chars in comment-functions.php:comments_popup_link()
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | low | |
Severity: | minor | Version: | 2.0 |
Component: | General | Keywords: | validation bg|has-patch |
Focuses: | Cc: |
Description
Because the post title may contain some html special chars, I recommend that use htmlspecialchars() in comments_popup_link() to make the page validated. Thx.
--- comment-functions.php.old Sun Jan 29 23:17:21 2006 +++ comment-functions.php Sun Jan 29 23:08:08 2006 @@ -310,7 +310,7 @@ if (!empty($CSSclass)) { echo ' class="'.$CSSclass.'"'; } - echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">'; + echo ' title="' . sprintf( __('Comment on %s'), htmlspecialchars($post->post_title) ) .'">'; comments_number($zero, $one, $more, $number); echo '</a>'; }
Change History (2)
Note: See
TracTickets for help on using
tickets.
[3874] [3995]
#2625 #2915
Fixed.