s/attribute_escape/attr/. see #9650

git-svn-id: http://svn.automattic.com/wordpress/trunk@11109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-04-28 05:58:45 +00:00
parent 430a8cb2cf
commit 2d489767bb
84 changed files with 391 additions and 391 deletions


@ -474,7 +474,7 @@ case 'add-cat' : // From Manage->Categories
$cat_full_name = $_cat->name . ' — ' . $cat_full_name; $cat_full_name = $_cat->name . ' — ' . $cat_full_name;
$level++; $level++;
} }
$cat_full_name = attribute_escape($cat_full_name); $cat_full_name = attr($cat_full_name);
$x = new WP_Ajax_Response( array( $x = new WP_Ajax_Response( array(
'what' => 'cat', 'what' => 'cat',
@ -552,7 +552,7 @@ case 'add-tag' : // From Manage->Tags
die('0'); die('0');
$tag_full_name = $tag->name; $tag_full_name = $tag->name;
$tag_full_name = attribute_escape($tag_full_name); $tag_full_name = attr($tag_full_name);
$x = new WP_Ajax_Response( array( $x = new WP_Ajax_Response( array(
'what' => 'tag', 'what' => 'tag',


@ -287,7 +287,7 @@ class Custom_Image_Header {
<input type="button" class="button" value="<?php _ea('Hide Text'); ?>" onclick="hide_text()" id="hidetext" /> <input type="button" class="button" value="<?php _ea('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
<input type="button" class="button" value="<?php _ea('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php _ea('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" /> <input type="button" class="button" value="<?php _ea('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php _ea('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
<?php wp_nonce_field('custom-header') ?> <?php wp_nonce_field('custom-header') ?>
<input type="hidden" name="textcolor" id="textcolor" value="#<?php attribute_escape(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php _ea('Save Changes'); ?>" /></form> <input type="hidden" name="textcolor" id="textcolor" value="#<?php attr(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php _ea('Save Changes'); ?>" /></form>
<?php } ?> <?php } ?>
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;display:none;"> </div> <div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;display:none;"> </div>
@ -296,7 +296,7 @@ class Custom_Image_Header {
<h2><?php _e('Upload New Header Image'); ?></h2><p><?php _e('Here you can upload a custom header image to be shown at the top of your blog instead of the default one. On the next screen you will be able to crop the image.'); ?></p> <h2><?php _e('Upload New Header Image'); ?></h2><p><?php _e('Here you can upload a custom header image to be shown at the top of your blog instead of the default one. On the next screen you will be able to crop the image.'); ?></p>
<p><?php printf(__('Images of exactly <strong>%1$d x %2$d pixels</strong> will be used as-is.'), HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT); ?></p> <p><?php printf(__('Images of exactly <strong>%1$d x %2$d pixels</strong> will be used as-is.'), HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT); ?></p>
<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attribute_escape(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;"> <form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attr(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
<label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" /> <label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" />
<input type="hidden" name="action" value="save" /> <input type="hidden" name="action" value="save" />
<?php wp_nonce_field('custom-header') ?> <?php wp_nonce_field('custom-header') ?>
@ -311,7 +311,7 @@ class Custom_Image_Header {
<div class="wrap"> <div class="wrap">
<h2><?php _e('Reset Header Image and Color'); ?></h2> <h2><?php _e('Reset Header Image and Color'); ?></h2>
<p><?php _e('This will restore the original header image and color. You will not be able to retrieve any customizations.') ?></p> <p><?php _e('This will restore the original header image and color. You will not be able to retrieve any customizations.') ?></p>
<form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)) ?>"> <form method="post" action="<?php echo attr(add_query_arg('step', 1)) ?>">
<?php wp_nonce_field('custom-header'); ?> <?php wp_nonce_field('custom-header'); ?>
<input type="submit" class="button" name="resetheader" value="<?php _ea('Restore Original Header'); ?>" /> <input type="submit" class="button" name="resetheader" value="<?php _ea('Restore Original Header'); ?>" />
</form> </form>
@ -372,7 +372,7 @@ class Custom_Image_Header {
<div class="wrap"> <div class="wrap">
<form method="POST" action="<?php echo attribute_escape(add_query_arg('step', 3)) ?>"> <form method="POST" action="<?php echo attr(add_query_arg('step', 3)) ?>">
<p><?php _e('Choose the part of the image you want to use as your header.'); ?></p> <p><?php _e('Choose the part of the image you want to use as your header.'); ?></p>
<div id="testWrap" style="position: relative"> <div id="testWrap" style="position: relative">


@ -62,7 +62,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) { if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) {
?> ?>
<a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"> <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $att_title)); ?>">
<?php echo $thumb; ?> <?php echo $thumb; ?>
</a> </a>
@ -74,7 +74,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
case 'media': case 'media':
?> ?>
<td <?php echo $attributes ?>><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br /> <td <?php echo $attributes ?>><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br />
<?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?> <?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?>
<p> <p>
<?php <?php
@ -83,7 +83,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
$actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
if ( current_user_can('delete_post', $post->ID) ) if ( current_user_can('delete_post', $post->ID) )
$actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>"; $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
$actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attribute_escape(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>'; $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attr(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>';
$action_count = count($actions); $action_count = count($actions);
$i = 0; $i = 0;
echo '<div class="row-actions">'; echo '<div class="row-actions">';
@ -182,7 +182,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
case 'actions': case 'actions':
?> ?>
<td <?php echo $attributes ?>> <td <?php echo $attributes ?>>
<a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php _e('Edit'); ?></a> | <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php _e('Edit'); ?></a> |
<a href="<?php the_permalink(); ?>"><?php _e('Get permalink'); ?></a> <a href="<?php the_permalink(); ?>"><?php _e('Get permalink'); ?></a>
</td> </td>
<?php <?php


@ -49,12 +49,12 @@ _fill_empty_category($category);
<table class="form-table"> <table class="form-table">
<tr class="form-field form-required"> <tr class="form-field form-required">
<th scope="row" valign="top"><label for="cat_name"><?php _e('Category Name') ?></label></th> <th scope="row" valign="top"><label for="cat_name"><?php _e('Category Name') ?></label></th>
<td><input name="cat_name" id="cat_name" type="text" value="<?php echo attribute_escape($category->name); ?>" size="40" aria-required="true" /><br /> <td><input name="cat_name" id="cat_name" type="text" value="<?php echo attr($category->name); ?>" size="40" aria-required="true" /><br />
<?php _e('The name is used to identify the category almost everywhere, for example under the post or in the category widget.'); ?></td> <?php _e('The name is used to identify the category almost everywhere, for example under the post or in the category widget.'); ?></td>
</tr> </tr>
<tr class="form-field"> <tr class="form-field">
<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category Slug') ?></label></th> <th scope="row" valign="top"><label for="category_nicename"><?php _e('Category Slug') ?></label></th>
<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attribute_escape(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br /> <td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attr(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br />
<?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></td> <?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></td>
</tr> </tr>
<tr class="form-field"> <tr class="form-field">


@ -83,7 +83,7 @@ else
require_once('admin-header.php'); require_once('admin-header.php');
$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : attribute_escape($_GET['mode']); $mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : attr($_GET['mode']);
$default_status = get_user_option('edit_comments_last_view'); $default_status = get_user_option('edit_comments_last_view');
if ( empty($default_status) ) if ( empty($default_status) )
@ -94,10 +94,10 @@ if ( !in_array($comment_status, array('all', 'moderated', 'approved', 'spam')) )
if ( $comment_status != $default_status ) if ( $comment_status != $default_status )
update_usermeta($current_user->ID, 'edit_comments_last_view', $comment_status); update_usermeta($current_user->ID, 'edit_comments_last_view', $comment_status);
$comment_type = !empty($_GET['comment_type']) ? attribute_escape($_GET['comment_type']) : ''; $comment_type = !empty($_GET['comment_type']) ? attr($_GET['comment_type']) : '';
$search_dirty = ( isset($_GET['s']) ) ? $_GET['s'] : ''; $search_dirty = ( isset($_GET['s']) ) ? $_GET['s'] : '';
$search = attribute_escape( $search_dirty ); ?> $search = attr( $search_dirty ); ?>
<div class="wrap"> <div class="wrap">
<?php screen_icon(); ?> <?php screen_icon(); ?>
@ -164,7 +164,7 @@ foreach ( $stati as $status => $label ) {
/* /*
// I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark // I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark
if ( !empty( $_GET['s'] ) ) if ( !empty( $_GET['s'] ) )
$link = add_query_arg( 's', attribute_escape( stripslashes( $_GET['s'] ) ), $link ); $link = add_query_arg( 's', attr( stripslashes( $_GET['s'] ) ), $link );
*/ */
$status_links[] = "<li class='$status'><a href='$link'$class>" . sprintf( $status_links[] = "<li class='$status'><a href='$link'$class>" . sprintf(
_n( $label[0], $label[1], $num_comments->$status ), _n( $label[0], $label[1], $num_comments->$status ),
@ -364,8 +364,8 @@ if ( $page_links )
<input type="hidden" name="mode" value="<?php echo attr($mode); ?>" /> <input type="hidden" name="mode" value="<?php echo attr($mode); ?>" />
<input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" /> <input type="hidden" name="comment_status" value="<?php echo attr($comment_status); ?>" />
<input type="hidden" name="page" value="<?php echo isset($_REQUEST['page']) ? absint( $_REQUEST['page'] ) : 1; ?>" /> <input type="hidden" name="page" value="<?php echo isset($_REQUEST['page']) ? absint( $_REQUEST['page'] ) : 1; ?>" />
<input type="hidden" name="p" value="<?php echo attribute_escape( $post_id ); ?>" /> <input type="hidden" name="p" value="<?php echo attr( $post_id ); ?>" />
<input type="hidden" name="comment_type" value="<?php echo attribute_escape( $comment_type ); ?>" /> <input type="hidden" name="comment_type" value="<?php echo attr( $comment_type ); ?>" />
<?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?> <?php wp_nonce_field( 'add-comment', '_ajax_nonce', false ); ?>
</form> </form>
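Review bot: `attr()` is an output escaper, and the hunk at -83 applies it to `$_GET['mode']` (and the -94 hunk to `$_GET['comment_type']` and `$_GET['s']`) at read time, so the escaped value is what the rest of the page then computes with, and it is escaped a second time when echoed in the -364 hunk (`attr($mode)`, `attr($comment_type)`). Whether that double pass visibly double-encodes `&` or quotes depends on `attr()`'s double-encode behaviour, which this page does not show, but the rename does not change the underlying shape: escaping at input is not validation, since any value that is not an HTML metacharacter passes through unchanged. Prefer keeping the raw request value and checking it against the modes this screen actually handles, e.g. `$mode = ( isset($_GET['mode']) && in_array($_GET['mode'], $allowed_modes, true) ) ? $_GET['mode'] : 'detail';` with `$allowed_modes` being the list the page dispatches on, and leave `attr()` to the echo sites in the -364 hunk. The same escape-on-read pattern is presumably why `$search` is built from `$search_dirty` in the -94 hunk; that variable's later use is outside the hunk.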


@ -16,7 +16,7 @@ $post_ID = isset($post_ID) ? (int) $post_ID : 0;
$action = isset($action) ? $action : ''; $action = isset($action) ? $action : '';
if ( isset($_GET['message']) ) if ( isset($_GET['message']) )
$_GET['message'] = absint( $_GET['message'] ); $_GET['message'] = absint( $_GET['message'] );
$messages[1] = sprintf( __( 'Post updated. Continue editing below or <a href="%s">go back</a>.' ), attribute_escape( stripslashes( ( isset( $_GET['_wp_original_http_referer'] ) ? $_GET['_wp_original_http_referer'] : '') ) ) ); $messages[1] = sprintf( __( 'Post updated. Continue editing below or <a href="%s">go back</a>.' ), attr( stripslashes( ( isset( $_GET['_wp_original_http_referer'] ) ? $_GET['_wp_original_http_referer'] : '') ) ) );
$messages[2] = __('Custom field updated.'); $messages[2] = __('Custom field updated.');
$messages[3] = __('Custom field deleted.'); $messages[3] = __('Custom field deleted.');
$messages[4] = __('Post updated.'); $messages[4] = __('Post updated.');
@ -169,15 +169,15 @@ if ( 'private' == $post->post_status ) {
?><?php echo wp_specialchars( $visibility_trans ); ?></span></b> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a> ?><?php echo wp_specialchars( $visibility_trans ); ?></span></b> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a>
<div id="post-visibility-select" class="hide-if-js"> <div id="post-visibility-select" class="hide-if-js">
<input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo attribute_escape($post->post_password); ?>" /> <input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo attr($post->post_password); ?>" />
<input type="checkbox" style="display:none" name="hidden_post_sticky" id="hidden-post-sticky" value="sticky" <?php checked(is_sticky($post->ID)); ?> /> <input type="checkbox" style="display:none" name="hidden_post_sticky" id="hidden-post-sticky" value="sticky" <?php checked(is_sticky($post->ID)); ?> />
<input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo attribute_escape( $visibility ); ?>" /> <input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo attr( $visibility ); ?>" />
<input type="radio" name="visibility" id="visibility-radio-public" value="public" <?php checked( $visibility, 'public' ); ?> /> <label for="visibility-radio-public" class="selectit"><?php _e('Public'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-public" value="public" <?php checked( $visibility, 'public' ); ?> /> <label for="visibility-radio-public" class="selectit"><?php _e('Public'); ?></label><br />
<span id="sticky-span"><input id="sticky" name="sticky" type="checkbox" value="sticky" <?php checked(is_sticky($post->ID)); ?> tabindex="4" /> <label for="sticky" class="selectit"><?php _e('Stick this post to the front page') ?></label><br /></span> <span id="sticky-span"><input id="sticky" name="sticky" type="checkbox" value="sticky" <?php checked(is_sticky($post->ID)); ?> tabindex="4" /> <label for="sticky" class="selectit"><?php _e('Stick this post to the front page') ?></label><br /></span>
<input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e('Password protected'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e('Password protected'); ?></label><br />
<span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo attribute_escape($post->post_password); ?>" /><br /></span> <span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo attr($post->post_password); ?>" /><br /></span>
<input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e('Private'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e('Private'); ?></label><br />
<p> <p>
@ -271,7 +271,7 @@ add_meta_box('submitdiv', __('Publish'), 'post_submit_meta_box', 'post', 'side',
function post_tags_meta_box($post, $box) { function post_tags_meta_box($post, $box) {
$tax_name = substr($box['id'], 8); $tax_name = substr($box['id'], 8);
$taxonomy = get_taxonomy($tax_name); $taxonomy = get_taxonomy($tax_name);
$helps = isset($taxonomy->helps) ? attribute_escape($taxonomy->helps) : __('Separate tags with commas.'); $helps = isset($taxonomy->helps) ? attr($taxonomy->helps) : __('Separate tags with commas.');
?> ?>
<div class="tagsdiv" id="<?php echo $tax_name; ?>"> <div class="tagsdiv" id="<?php echo $tax_name; ?>">
<p class="jaxtag"> <p class="jaxtag">
@ -293,7 +293,7 @@ function post_tags_meta_box($post, $box) {
foreach ( get_object_taxonomies('post') as $tax_name ) { foreach ( get_object_taxonomies('post') as $tax_name ) {
if ( !is_taxonomy_hierarchical($tax_name) ) { if ( !is_taxonomy_hierarchical($tax_name) ) {
$taxonomy = get_taxonomy($tax_name); $taxonomy = get_taxonomy($tax_name);
$label = isset($taxonomy->label) ? attribute_escape($taxonomy->label) : $tax_name; $label = isset($taxonomy->label) ? attr($taxonomy->label) : $tax_name;
add_meta_box('tagsdiv-' . $tax_name, $label, 'post_tags_meta_box', 'post', 'side', 'core'); add_meta_box('tagsdiv-' . $tax_name, $label, 'post_tags_meta_box', 'post', 'side', 'core');
} }
@ -384,7 +384,7 @@ add_meta_box('postexcerpt', __('Excerpt'), 'post_excerpt_meta_box', 'post', 'nor
* @param object $post * @param object $post
*/ */
function post_trackback_meta_box($post) { function post_trackback_meta_box($post) {
$form_trackback = '<input type="text" name="trackback_url" id="trackback_url" class="code" tabindex="7" value="'. attribute_escape( str_replace("\n", ' ', $post->to_ping) ) .'" />'; $form_trackback = '<input type="text" name="trackback_url" id="trackback_url" class="code" tabindex="7" value="'. attr( str_replace("\n", ' ', $post->to_ping) ) .'" />';
if ('' != $post->pinged) { if ('' != $post->pinged) {
$pings = '<p>'. __('Already pinged:') . '</p><ul>'; $pings = '<p>'. __('Already pinged:') . '</p><ul>';
$already_pinged = explode("\n", trim($post->pinged)); $already_pinged = explode("\n", trim($post->pinged));
@ -497,7 +497,7 @@ if ( 'publish' == $post->post_status || 'private' == $post->post_status )
*/ */
function post_slug_meta_box($post) { function post_slug_meta_box($post) {
?> ?>
<label class="hidden" for="post_name"><?php _e('Post Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /> <label class="hidden" for="post_name"><?php _e('Post Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attr( $post->post_name ); ?>" />
<?php <?php
} }
if ( !( 'pending' == $post->post_status && !current_user_can( 'publish_posts' ) ) ) if ( !( 'pending' == $post->post_status && !current_user_can( 'publish_posts' ) ) )
@ -574,7 +574,7 @@ else
<input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" /> <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID ?>" />
<input type="hidden" id="hiddenaction" name="action" value="<?php echo attr($form_action) ?>" /> <input type="hidden" id="hiddenaction" name="action" value="<?php echo attr($form_action) ?>" />
<input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" /> <input type="hidden" id="originalaction" name="originalaction" value="<?php echo attr($form_action) ?>" />
<input type="hidden" id="post_author" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" /> <input type="hidden" id="post_author" name="post_author" value="<?php echo attr( $post->post_author ); ?>" />
<input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" /> <input type="hidden" id="post_type" name="post_type" value="<?php echo attr($post->post_type) ?>" />
<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" /> <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo attr($post->post_status) ?>" />
<input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" /> <input name="referredby" type="hidden" id="referredby" value="<?php echo clean_url(stripslashes(wp_get_referer())); ?>" />
@ -595,7 +595,7 @@ else
<div id="post-body-content"> <div id="post-body-content">
<div id="titlediv"> <div id="titlediv">
<div id="titlewrap"> <div id="titlewrap">
<input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" /> <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attr( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" />
</div> </div>
<div class="inside"> <div class="inside">
<?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?> <?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?>
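Review bot: In the -16 hunk the referer from `$_GET['_wp_original_http_referer']` is placed into `href="%s"` after only `attr()`, which is the HTML-attribute escaper: it stops the value from breaking out of the attribute but does nothing about the URL scheme or content inside it, so an attribute escaper is the wrong tool for a link target. The file already uses the URL escaper for the same kind of value at the -574 hunk (`clean_url(stripslashes(wp_get_referer()))`), so the consistent fix is `attr( stripslashes( ... ) )` → `clean_url( stripslashes( ... ) )` on that line; the `$messages[1]` line in the page-editing file's -18 hunk further down has the identical construction and should get the same change. Separately, the -595 hunk's `attr( htmlspecialchars( $post->post_title ) )` runs two HTML escapers over the title, which may double-encode `&` depending on how `attr()` handles already-encoded entities; one escaper is enough there.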


@ -26,8 +26,8 @@ $form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . attr($com
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' /> <input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
<?php <?php
$email = attribute_escape( $comment->comment_author_email ); $email = attr( $comment->comment_author_email );
$url = attribute_escape( $comment->comment_author_url ); $url = attr( $comment->comment_author_url );
// add_meta_box('submitdiv', __('Save'), 'comment_submit_meta_box', 'comment', 'side', 'core'); // add_meta_box('submitdiv', __('Save'), 'comment_submit_meta_box', 'comment', 'side', 'core');
?> ?>
@ -90,7 +90,7 @@ $date = date_i18n( $datef, strtotime( $comment->comment_date ) );
<tbody> <tbody>
<tr valign="top"> <tr valign="top">
<td class="first"><?php _e( 'Name:' ); ?></td> <td class="first"><?php _e( 'Name:' ); ?></td>
<td><input type="text" name="newcomment_author" size="30" value="<?php echo attribute_escape( $comment->comment_author ); ?>" tabindex="1" id="name" /></td> <td><input type="text" name="newcomment_author" size="30" value="<?php echo attr( $comment->comment_author ); ?>" tabindex="1" id="name" /></td>
</tr> </tr>
<tr valign="top"> <tr valign="top">
<td class="first"> <td class="first">


@ -67,7 +67,7 @@ _fill_empty_link_category($category);
</tr> </tr>
<tr class="form-field"> <tr class="form-field">
<th scope="row" valign="top"><label for="slug"><?php _e('Link Category slug') ?></label></th> <th scope="row" valign="top"><label for="slug"><?php _e('Link Category slug') ?></label></th>
<td><input name="slug" id="slug" type="text" value="<?php echo attribute_escape(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br /> <td><input name="slug" id="slug" type="text" value="<?php echo attr(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br />
<?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></td> <?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></td>
</tr> </tr>
<tr class="form-field"> <tr class="form-field">


@ -404,7 +404,7 @@ do_meta_boxes('link', 'advanced', $link);
if ( $link_id ) : ?> if ( $link_id ) : ?>
<input type="hidden" name="action" value="save" /> <input type="hidden" name="action" value="save" />
<input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" /> <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" /> <input type="hidden" name="order_by" value="<?php echo attr($order_by); ?>" />
<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" /> <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
<?php else: ?> <?php else: ?>
<input type="hidden" name="action" value="add" /> <input type="hidden" name="action" value="add" />


@ -18,7 +18,7 @@ if ( ! isset( $temp_ID ) )
if ( isset($_GET['message']) ) if ( isset($_GET['message']) )
$_GET['message'] = absint( $_GET['message'] ); $_GET['message'] = absint( $_GET['message'] );
$messages[1] = sprintf( __( 'Page updated. Continue editing below or <a href="%s">go back</a>.' ), attribute_escape( stripslashes( ( isset( $_GET['_wp_original_http_referer'] ) ? $_GET['_wp_original_http_referer'] : '') ) ) ); $messages[1] = sprintf( __( 'Page updated. Continue editing below or <a href="%s">go back</a>.' ), attr( stripslashes( ( isset( $_GET['_wp_original_http_referer'] ) ? $_GET['_wp_original_http_referer'] : '') ) ) );
$messages[2] = __('Custom field updated.'); $messages[2] = __('Custom field updated.');
$messages[3] = __('Custom field deleted.'); $messages[3] = __('Custom field deleted.');
$messages[4] = sprintf(__('Page updated. <a href="%s">View page</a>'), get_permalink($post_ID)); $messages[4] = sprintf(__('Page updated. <a href="%s">View page</a>'), get_permalink($post_ID));
@ -73,9 +73,9 @@ function page_submit_meta_box($post) {
<div id="minor-publishing-actions"> <div id="minor-publishing-actions">
<div id="save-action"> <div id="save-action">
<?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status ) { ?> <?php if ( 'publish' != $post->post_status && 'future' != $post->post_status && 'pending' != $post->post_status ) { ?>
<input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php echo attribute_escape( __('Save Draft') ); ?>" tabindex="4" class="button button-highlighted" /> <input <?php if ( 'private' == $post->post_status ) { ?>style="display:none"<?php } ?> type="submit" name="save" id="save-post" value="<?php echo attr( __('Save Draft') ); ?>" tabindex="4" class="button button-highlighted" />
<?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?> <?php } elseif ( 'pending' == $post->post_status && $can_publish ) { ?>
<input type="submit" name="save" id="save-post" value="<?php echo attribute_escape( __('Save as Pending') ); ?>" tabindex="4" class="button button-highlighted" /> <input type="submit" name="save" id="save-post" value="<?php echo attr( __('Save as Pending') ); ?>" tabindex="4" class="button button-highlighted" />
<?php } ?> <?php } ?>
</div> </div>
@ -162,13 +162,13 @@ if ( 'private' == $post->post_status ) {
?><?php echo wp_specialchars( $visibility_trans ); ?></span></b> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a> ?><?php echo wp_specialchars( $visibility_trans ); ?></span></b> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a>
<div id="post-visibility-select" class="hide-if-js"> <div id="post-visibility-select" class="hide-if-js">
<input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo attribute_escape($post->post_password); ?>" /> <input type="hidden" name="hidden_post_password" id="hidden-post-password" value="<?php echo attr($post->post_password); ?>" />
<input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo attribute_escape( $visibility ); ?>" /> <input type="hidden" name="hidden_post_visibility" id="hidden-post-visibility" value="<?php echo attr( $visibility ); ?>" />
<input type="radio" name="visibility" id="visibility-radio-public" value="public" <?php checked( $visibility, 'public' ); ?> /> <label for="visibility-radio-public" class="selectit"><?php _e('Public'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-public" value="public" <?php checked( $visibility, 'public' ); ?> /> <label for="visibility-radio-public" class="selectit"><?php _e('Public'); ?></label><br />
<input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e('Password protected'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-password" value="password" <?php checked( $visibility, 'password' ); ?> /> <label for="visibility-radio-password" class="selectit"><?php _e('Password protected'); ?></label><br />
<span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo attribute_escape($post->post_password); ?>" /><br /></span> <span id="password-span"><label for="post_password"><?php _e('Password:'); ?></label> <input type="text" name="post_password" id="post_password" value="<?php echo attr($post->post_password); ?>" /><br /></span>
<input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e('Private'); ?></label><br /> <input type="radio" name="visibility" id="visibility-radio-private" value="private" <?php checked( $visibility, 'private' ); ?> /> <label for="visibility-radio-private" class="selectit"><?php _e('Private'); ?></label><br />
<p> <p>
@ -349,7 +349,7 @@ add_meta_box('pagecommentstatusdiv', __('Discussion'), 'page_comments_status_met
*/ */
function page_slug_meta_box($post){ function page_slug_meta_box($post){
?> ?>
<label class="hidden" for="post_name"><?php _e('Page Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape( $post->post_name ); ?>" /> <label class="hidden" for="post_name"><?php _e('Page Slug') ?></label><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attr( $post->post_name ); ?>" />
<?php <?php
} }
add_meta_box('pageslugdiv', __('Page Slug'), 'page_slug_meta_box', 'page', 'normal', 'core'); add_meta_box('pageslugdiv', __('Page Slug'), 'page_slug_meta_box', 'page', 'normal', 'core');
@ -419,7 +419,7 @@ if (isset($mode) && 'bookmarklet' == $mode)
<input type="hidden" id="user-id" name="user_ID" value="<?php echo $user_ID ?>" /> <input type="hidden" id="user-id" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' /> <input type="hidden" id="hiddenaction" name="action" value='<?php echo $form_action ?>' />
<input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" /> <input type="hidden" id="originalaction" name="originalaction" value="<?php echo $form_action ?>" />
<input type="hidden" id="post_author" name="post_author" value="<?php echo attribute_escape( $post->post_author ); ?>" /> <input type="hidden" id="post_author" name="post_author" value="<?php echo attr( $post->post_author ); ?>" />
<?php echo $form_extra ?> <?php echo $form_extra ?>
<input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" /> <input type="hidden" id="post_type" name="post_type" value="<?php echo $post->post_type ?>" />
<input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" /> <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo $post->post_status ?>" />
@ -442,7 +442,7 @@ $side_meta_boxes = do_meta_boxes('page', 'side', $post);
<div id="post-body-content"> <div id="post-body-content">
<div id="titlediv"> <div id="titlediv">
<div id="titlewrap"> <div id="titlewrap">
<input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" /> <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attr( htmlspecialchars( $post->post_title ) ); ?>" id="title" autocomplete="off" />
</div> </div>
<div class="inside"> <div class="inside">
<?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?> <?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?>


@ -175,7 +175,7 @@ endif;
</p> </p>
<?php if ( isset($_GET['post_status'] ) ) : ?> <?php if ( isset($_GET['post_status'] ) ) : ?>
<input type="hidden" name="post_status" value="<?php echo attribute_escape($_GET['post_status']) ?>" /> <input type="hidden" name="post_status" value="<?php echo attr($_GET['post_status']) ?>" />
<?php endif; ?> <?php endif; ?>
<?php if ($posts) { ?> <?php if ($posts) { ?>


@ -21,17 +21,17 @@ do_action('edit_tag_form_pre', $tag); ?>
<form name="edittag" id="edittag" method="post" action="edit-tags.php" class="validate"> <form name="edittag" id="edittag" method="post" action="edit-tags.php" class="validate">
<input type="hidden" name="action" value="editedtag" /> <input type="hidden" name="action" value="editedtag" />
<input type="hidden" name="tag_ID" value="<?php echo $tag->term_id ?>" /> <input type="hidden" name="tag_ID" value="<?php echo $tag->term_id ?>" />
<input type="hidden" name="taxonomy" value="<?php echo attribute_escape($taxonomy) ?>" /> <input type="hidden" name="taxonomy" value="<?php echo attr($taxonomy) ?>" />
<?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-tag_' . $tag_ID); ?> <?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-tag_' . $tag_ID); ?>
<table class="form-table"> <table class="form-table">
<tr class="form-field form-required"> <tr class="form-field form-required">
<th scope="row" valign="top"><label for="name"><?php _e('Tag name') ?></label></th> <th scope="row" valign="top"><label for="name"><?php _e('Tag name') ?></label></th>
<td><input name="name" id="name" type="text" value="<?php if ( isset( $tag->name ) ) echo attribute_escape($tag->name); ?>" size="40" aria-required="true" /> <td><input name="name" id="name" type="text" value="<?php if ( isset( $tag->name ) ) echo attr($tag->name); ?>" size="40" aria-required="true" />
<p><?php _e('The name is how the tag appears on your site.'); ?></p></td> <p><?php _e('The name is how the tag appears on your site.'); ?></p></td>
</tr> </tr>
<tr class="form-field"> <tr class="form-field">
<th scope="row" valign="top"><label for="slug"><?php _e('Tag slug') ?></label></th> <th scope="row" valign="top"><label for="slug"><?php _e('Tag slug') ?></label></th>
<td><input name="slug" id="slug" type="text" value="<?php if ( isset( $tag->slug ) ) echo attribute_escape(apply_filters('editable_slug', $tag->slug)); ?>" size="40" /> <td><input name="slug" id="slug" type="text" value="<?php if ( isset( $tag->slug ) ) echo attr(apply_filters('editable_slug', $tag->slug)); ?>" size="40" />
<p><?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></p></td> <p><?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></p></td>
</tr> </tr>
<tr class="form-field"> <tr class="form-field">


@ -170,7 +170,7 @@ endif; ?>
<div id="col-right"> <div id="col-right">
<div class="col-wrap"> <div class="col-wrap">
<form id="posts-filter" action="" method="get"> <form id="posts-filter" action="" method="get">
<input type="hidden" name="taxonomy" value="<?php echo attribute_escape($taxonomy); ?>" /> <input type="hidden" name="taxonomy" value="<?php echo attr($taxonomy); ?>" />
<div class="tablenav"> <div class="tablenav">
<?php <?php
$pagenum = isset( $_GET['pagenum'] ) ? absint( $_GET['pagenum'] ) : 0; $pagenum = isset( $_GET['pagenum'] ) ? absint( $_GET['pagenum'] ) : 0;
@ -276,7 +276,7 @@ else
<div id="ajax-response"></div> <div id="ajax-response"></div>
<form name="addtag" id="addtag" method="post" action="edit-tags.php" class="add:the-list: validate"> <form name="addtag" id="addtag" method="post" action="edit-tags.php" class="add:the-list: validate">
<input type="hidden" name="action" value="addtag" /> <input type="hidden" name="action" value="addtag" />
<input type="hidden" name="taxonomy" value="<?php echo attribute_escape($taxonomy); ?>" /> <input type="hidden" name="taxonomy" value="<?php echo attr($taxonomy); ?>" />
<?php wp_original_referer_field(true, 'previous'); wp_nonce_field('add-tag'); ?> <?php wp_original_referer_field(true, 'previous'); wp_nonce_field('add-tag'); ?>
<div class="form-field form-required"> <div class="form-field form-required">


@ -92,7 +92,7 @@ if ( !isset( $_GET['paged'] ) )
if ( empty($_GET['mode']) ) if ( empty($_GET['mode']) )
$mode = 'list'; $mode = 'list';
else else
$mode = attribute_escape($_GET['mode']); ?> $mode = attr($_GET['mode']); ?>
<div class="wrap"> <div class="wrap">
<?php screen_icon(); ?> <?php screen_icon(); ?>
@ -170,7 +170,7 @@ endif;
</p> </p>
<?php if ( isset($_GET['post_status'] ) ) : ?> <?php if ( isset($_GET['post_status'] ) ) : ?>
<input type="hidden" name="post_status" value="<?php echo attribute_escape($_GET['post_status']) ?>" /> <input type="hidden" name="post_status" value="<?php echo attr($_GET['post_status']) ?>" />
<?php endif; ?> <?php endif; ?>
<input type="hidden" name="mode" value="<?php echo $mode; ?>" /> <input type="hidden" name="mode" value="<?php echo $mode; ?>" />
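Review bot: `$mode = attr($_GET['mode']);` in the first hunk escapes a request parameter on intake, and the bare `echo $mode;` in the hidden input at the end of the second hunk then silently depends on that earlier escaping, which is easy to lose once `$mode` is reused elsewhere on the page. Only `'list'` is visible as a default here, so validating against the modes the page actually supports and escaping at the output site keeps both concerns in one place, e.g. `$mode = in_array($_GET['mode'], array('list', /* other supported modes */), true) ? $_GET['mode'] : 'list';` together with `value="<?php echo attr($mode); ?>"` on the hidden input. The full list of supported modes is not visible in these hunks, so confirm it before adding the whitelist.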


@ -215,7 +215,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=1" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=1" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
$this->db_form(); $this->db_form();
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attribute_escape(__('Import Categories')).'" /></p>'; echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attr(__('Import Categories')).'" /></p>';
echo '</form></div>'; echo '</form></div>';
} }
@ -632,7 +632,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=2" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=2" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Users'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Users')));
echo '</form>'; echo '</form>';
} }
@ -645,7 +645,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=3" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=3" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Posts'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Posts')));
echo '</form>'; echo '</form>';
} }
@ -659,7 +659,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=4" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=4" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Comments'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Comments')));
echo '</form>'; echo '</form>';
} }
@ -671,7 +671,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=5" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=5" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Links'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Links')));
echo '</form>'; echo '</form>';
} }
@ -684,7 +684,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=6" method="post">'; echo '<form action="admin.php?import=dotclear&amp;step=6" method="post">';
wp_nonce_field('import-dotclear'); wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Finish'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Finish')));
echo '</form>'; echo '</form>';
} }


@ -184,9 +184,9 @@ class LJ_API_Import {
<input type="hidden" name="step" value="<?php echo get_option( 'ljapi_step' ) ?>" /> <input type="hidden" name="step" value="<?php echo get_option( 'ljapi_step' ) ?>" />
<p><?php _e( 'It looks like you attempted to import your LiveJournal posts previously and got interrupted.' ) ?></p> <p><?php _e( 'It looks like you attempted to import your LiveJournal posts previously and got interrupted.' ) ?></p>
<p class="submit"> <p class="submit">
<input type="submit" class="button-primary" value="<?php echo attribute_escape( __( 'Continue previous import' ) ) ?>" /> <input type="submit" class="button-primary" value="<?php echo attr( __( 'Continue previous import' ) ) ?>" />
</p> </p>
<p class="submitbox"><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attribute_escape( $_SERVER['REQUEST_URI'] )) ?>" class="deletion submitdelete"><?php _e( 'Cancel &amp; start a new import' ) ?></a></p> <p class="submitbox"><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attr( $_SERVER['REQUEST_URI'] )) ?>" class="deletion submitdelete"><?php _e( 'Cancel &amp; start a new import' ) ?></a></p>
<p> <p>
<?php else : ?> <?php else : ?>
<input type="hidden" name="step" value="1" /> <input type="hidden" name="step" value="1" />
@ -223,7 +223,7 @@ class LJ_API_Import {
<p><?php _e( "<strong>WARNING:</strong> This can take a really long time if you have a lot of entries in your LiveJournal, or a lot of comments. Ideally, you should only start this process if you can leave your computer alone while it finishes the import." ) ?></p> <p><?php _e( "<strong>WARNING:</strong> This can take a really long time if you have a lot of entries in your LiveJournal, or a lot of comments. Ideally, you should only start this process if you can leave your computer alone while it finishes the import." ) ?></p>
<p class="submit"> <p class="submit">
<input type="submit" class="button-primary" value="<?php echo attribute_escape( __( 'Connect to LiveJournal and Import' ) ) ?>" /> <input type="submit" class="button-primary" value="<?php echo attr( __( 'Connect to LiveJournal and Import' ) ) ?>" />
</p> </p>
<p><?php _e( '<strong>NOTE:</strong> If the import process is interrupted for <em>any</em> reason, come back to this page and it will continue from where it stopped automatically.' ) ?></p> <p><?php _e( '<strong>NOTE:</strong> If the import process is interrupted for <em>any</em> reason, come back to this page and it will continue from where it stopped automatically.' ) ?></p>
@ -724,7 +724,7 @@ class LJ_API_Import {
if ( empty( $this->username ) || empty( $this->password ) ) { if ( empty( $this->username ) || empty( $this->password ) ) {
?> ?>
<p><?php _e( 'Please enter your LiveJournal username <em>and</em> password so we can download your posts and comments.' ) ?></p> <p><?php _e( 'Please enter your LiveJournal username <em>and</em> password so we can download your posts and comments.' ) ?></p>
<p><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attribute_escape( str_replace( '&step=1', '', $_SERVER['REQUEST_URI'] ) ) ) ?>"><?php _e( 'Start again' ) ?></a></p> <p><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attr( str_replace( '&step=1', '', $_SERVER['REQUEST_URI'] ) ) ) ?>"><?php _e( 'Start again' ) ?></a></p>
<?php <?php
return false; return false;
} }
@ -736,7 +736,7 @@ class LJ_API_Import {
delete_option( 'ljapi_protected_password' ); delete_option( 'ljapi_protected_password' );
?> ?>
<p><?php _e( 'Logging in to LiveJournal failed. Check your username and password and try again.' ) ?></p> <p><?php _e( 'Logging in to LiveJournal failed. Check your username and password and try again.' ) ?></p>
<p><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attribute_escape( str_replace( '&step=1', '', $_SERVER['REQUEST_URI'] ) ) ) ?>"><?php _e( 'Start again' ) ?></a></p> <p><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attr( str_replace( '&step=1', '', $_SERVER['REQUEST_URI'] ) ) ) ?>"><?php _e( 'Start again' ) ?></a></p>
<?php <?php
return false; return false;
} else { } else {
@ -816,7 +816,7 @@ class LJ_API_Import {
<form action="admin.php?import=livejournal" method="post" id="ljapi-auto-repost"> <form action="admin.php?import=livejournal" method="post" id="ljapi-auto-repost">
<?php wp_nonce_field( 'lj-api-import' ) ?> <?php wp_nonce_field( 'lj-api-import' ) ?>
<input type="hidden" name="step" id="step" value="1" /> <input type="hidden" name="step" id="step" value="1" />
<p><input type="submit" class="button-primary" value="<?php echo attribute_escape( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p> <p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
</form> </form>
<?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?> <?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
<?php <?php
@ -866,7 +866,7 @@ class LJ_API_Import {
<p><strong><?php printf( __( 'Imported comment batch %d of <strong>approximately</strong> %d' ), get_option( 'ljapi_comment_batch' ), $batch ) ?></strong></p> <p><strong><?php printf( __( 'Imported comment batch %d of <strong>approximately</strong> %d' ), get_option( 'ljapi_comment_batch' ), $batch ) ?></strong></p>
<?php wp_nonce_field( 'lj-api-import' ) ?> <?php wp_nonce_field( 'lj-api-import' ) ?>
<input type="hidden" name="step" id="step" value="2" /> <input type="hidden" name="step" id="step" value="2" />
<p><input type="submit" class="button-primary" value="<?php echo attribute_escape( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p> <p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
</form> </form>
<?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?> <?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
<?php <?php
@ -942,7 +942,7 @@ class LJ_API_Import {
$str .= wp_nonce_field( 'lj-api-import', '_wpnonce', true, false ); $str .= wp_nonce_field( 'lj-api-import', '_wpnonce', true, false );
$str .= wp_referer_field( false ); $str .= wp_referer_field( false );
$str .= '<input type="hidden" name="step" id="step" value="' . $next_step . '" />'; $str .= '<input type="hidden" name="step" id="step" value="' . $next_step . '" />';
$str .= '<p><input type="submit" class="button-primary" value="' . attribute_escape( $label ) . '" /> <span id="auto-message"></span></p>'; $str .= '<p><input type="submit" class="button-primary" value="' . attr( $label ) . '" /> <span id="auto-message"></span></p>';
$str .= '</form>'; $str .= '</form>';
return $str; return $str;
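Review bot: The `_wp_http_referer=` value built from `$_SERVER['REQUEST_URI']` in the first hunk, and again in both `Start again` links, is passed through `attr()`, which is HTML-attribute escaping, while the value is being placed inside a URL query string; the encoder for that position is `urlencode()`, with `clean_url()` still handling the attribute context for the whole href. As written, a request URI containing `&` or `"` is turned into an entity inside the query value rather than a percent-encoded character, so the referer does not round-trip cleanly. `_wp_http_referer=' . urlencode( $_SERVER['REQUEST_URI'] )` (and the `str_replace` variant for the other two sites) would fix all three; whether `clean_url()` fully covers the attribute context on its own is not visible here, so confirm that before dropping `attr()`.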


@ -39,14 +39,14 @@ class MT_Import {
<p><?php _e('Howdy! We&#8217;re about to begin importing all of your Movable Type or Typepad entries into WordPress. To begin, either choose a file to upload and click "Upload file and import," or use FTP to upload your MT export file as <code>mt-export.txt</code> in your <code>/wp-content/</code> directory and then click "Import mt-export.txt"'); ?></p> <p><?php _e('Howdy! We&#8217;re about to begin importing all of your Movable Type or Typepad entries into WordPress. To begin, either choose a file to upload and click "Upload file and import," or use FTP to upload your MT export file as <code>mt-export.txt</code> in your <code>/wp-content/</code> directory and then click "Import mt-export.txt"'); ?></p>
<?php wp_import_upload_form( add_query_arg('step', 1) ); ?> <?php wp_import_upload_form( add_query_arg('step', 1) ); ?>
<form method="post" action="<?php echo attribute_escape(add_query_arg('step', 1)); ?>" class="import-upload-form"> <form method="post" action="<?php echo attr(add_query_arg('step', 1)); ?>" class="import-upload-form">
<?php wp_nonce_field('import-upload'); ?> <?php wp_nonce_field('import-upload'); ?>
<p> <p>
<input type="hidden" name="upload_type" value="ftp" /> <input type="hidden" name="upload_type" value="ftp" />
<?php _e('Or use <code>mt-export.txt</code> in your <code>/wp-content/</code> directory'); ?></p> <?php _e('Or use <code>mt-export.txt</code> in your <code>/wp-content/</code> directory'); ?></p>
<p class="submit"> <p class="submit">
<input type="submit" class="button" value="<?php echo attribute_escape(__('Import mt-export.txt')); ?>" /> <input type="submit" class="button" value="<?php echo attr(__('Import mt-export.txt')); ?>" />
</p> </p>
</form> </form>
<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p> <p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>


@ -70,7 +70,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=1" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=1" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
$this->db_form(); $this->db_form();
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attribute_escape(__('Import')).'" /></p>'; echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attr(__('Import')).'" /></p>';
echo '</form>'; echo '</form>';
echo '</div>'; echo '</div>';
} }
@ -505,7 +505,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=2" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=2" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Users'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Users')));
echo '</form>'; echo '</form>';
} }
@ -518,7 +518,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=3" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=3" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Posts'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Posts')));
echo '</form>'; echo '</form>';
} }
@ -532,7 +532,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=4" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=4" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Comments'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Comments')));
echo '</form>'; echo '</form>';
} }
@ -544,7 +544,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=5" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=5" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Import Links'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Links')));
echo '</form>'; echo '</form>';
} }
@ -557,7 +557,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=6" method="post">'; echo '<form action="admin.php?import=textpattern&amp;step=6" method="post">';
wp_nonce_field('import-textpattern'); wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attribute_escape(__('Finish'))); printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Finish')));
echo '</form>'; echo '</form>';
} }


@ -233,7 +233,7 @@ class WP_Import {
} }
echo '<p class="submit">'; echo '<p class="submit">';
echo '<input type="submit" class="button" value="'.attribute_escape( __('Submit') ).'" />'.'<br />'; echo '<input type="submit" class="button" value="'.attr( __('Submit') ).'" />'.'<br />';
echo '</p>'; echo '</p>';
echo '</form>'; echo '</form>';


@ -184,7 +184,7 @@ function check_all_tagrows() {
<ul style="list-style:none"> <ul style="list-style:none">
<?php foreach ( $this->all_tags as $tag ) { ?> <?php foreach ( $this->all_tags as $tag ) { ?>
<li><label><input type="checkbox" name="tags_to_convert[]" value="<?php echo intval($tag->term_id); ?>" /> <?php echo attribute_escape($tag->name) . ' (' . $tag->count . ')'; ?></label><?php if ( in_array( intval($tag->term_id), $this->hybrids_ids ) ) echo ' <a href="#note"> * </a>'; ?></li> <li><label><input type="checkbox" name="tags_to_convert[]" value="<?php echo intval($tag->term_id); ?>" /> <?php echo attr($tag->name) . ' (' . $tag->count . ')'; ?></label><?php if ( in_array( intval($tag->term_id), $this->hybrids_ids ) ) echo ' <a href="#note"> * </a>'; ?></li>
<?php } ?> <?php } ?>
</ul> </ul>


@ -59,7 +59,7 @@ function get_default_link_to_edit() {
$link->link_url = ''; $link->link_url = '';
if ( isset( $_GET['name'] ) ) if ( isset( $_GET['name'] ) )
$link->link_name = attribute_escape( $_GET['name']); $link->link_name = attr( $_GET['name']);
else else
$link->link_name = ''; $link->link_name = '';
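Review bot: `$link->link_name = attr( $_GET['name']);` stores an HTML-escaped string on the link object instead of the raw value, so any later output of `link_name` that escapes again will double-encode characters such as `&` and `"`, and any non-HTML use (saving, comparison) sees entities instead of the submitted name. Keeping the raw value on the object, `$link->link_name = $_GET['name'];`, and escaping where it is printed is the safer split. `get_default_link_to_edit()` continues outside the hunk, so check how `link_name` is consumed before changing this.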


@ -820,8 +820,8 @@ class Plugin_Upgrader_Skin extends WP_Upgrader_Skin {
echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) .'"></iframe>'; echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) .'"></iframe>';
} }
$update_actions = array( $update_actions = array(
'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) . '" title="' . attribute_escape(__('Activate this plugin')) . '" target="_parent">' . __('Activate Plugin') . '</a>', 'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) . '" title="' . attr(__('Activate this plugin')) . '" target="_parent">' . __('Activate Plugin') . '</a>',
'plugins_page' => '<a href="' . admin_url('plugins.php') . '" title="' . attribute_escape(__('Goto plugins page')) . '" target="_parent">' . __('Return to Plugins page') . '</a>' 'plugins_page' => '<a href="' . admin_url('plugins.php') . '" title="' . attr(__('Goto plugins page')) . '" target="_parent">' . __('Return to Plugins page') . '</a>'
); );
if ( $this->plugin_active ) if ( $this->plugin_active )
unset( $update_actions['activate_plugin'] ); unset( $update_actions['activate_plugin'] );
@ -871,13 +871,13 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin {
$plugin_file = $this->upgrader->plugin_info(); $plugin_file = $this->upgrader->plugin_info();
$install_actions = array( $install_actions = array(
'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . attribute_escape(__('Activate this plugin')) . '" target="_parent">' . __('Activate Plugin') . '</a>', 'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . attr(__('Activate this plugin')) . '" target="_parent">' . __('Activate Plugin') . '</a>',
); );
if ( $this->type == 'web' ) if ( $this->type == 'web' )
$install_actions['plugins_page'] = '<a href="' . admin_url('plugin-install.php') . '" title="' . attribute_escape(__('Return to Plugin Installer')) . '" target="_parent">' . __('Return to Plugin Installer') . '</a>'; $install_actions['plugins_page'] = '<a href="' . admin_url('plugin-install.php') . '" title="' . attr(__('Return to Plugin Installer')) . '" target="_parent">' . __('Return to Plugin Installer') . '</a>';
else else
$install_actions['plugins_page'] = '<a href="' . admin_url('plugins.php') . '" title="' . attribute_escape(__('Return to Plugins page')) . '" target="_parent">' . __('Return to Plugins page') . '</a>'; $install_actions['plugins_page'] = '<a href="' . admin_url('plugins.php') . '" title="' . attr(__('Return to Plugins page')) . '" target="_parent">' . __('Return to Plugins page') . '</a>';
if ( ! $this->result || is_wp_error($this->result) ) if ( ! $this->result || is_wp_error($this->result) )
@ -936,14 +936,14 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin {
$activate_link = wp_nonce_url("themes.php?action=activate&amp;template=" . urlencode($template) . "&amp;stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template); $activate_link = wp_nonce_url("themes.php?action=activate&amp;template=" . urlencode($template) . "&amp;stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template);
$install_actions = array( $install_actions = array(
'preview' => '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attribute_escape(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>', 'preview' => '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attr(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>',
'activate' => '<a href="' . $activate_link . '" class="activatelink" title="' . attribute_escape( sprintf( __('Activate "%s"'), $name ) ) . '">' . __('Activate') . '</a>' 'activate' => '<a href="' . $activate_link . '" class="activatelink" title="' . attr( sprintf( __('Activate "%s"'), $name ) ) . '">' . __('Activate') . '</a>'
); );
if ( $this->type == 'web' ) if ( $this->type == 'web' )
$install_actions['themes_page'] = '<a href="' . admin_url('theme-install.php') . '" title="' . attribute_escape(__('Back to Theme Installer')) . '" target="_parent">' . __('Return to Theme Installer.') . '</a>'; $install_actions['themes_page'] = '<a href="' . admin_url('theme-install.php') . '" title="' . attr(__('Back to Theme Installer')) . '" target="_parent">' . __('Return to Theme Installer.') . '</a>';
else else
$install_actions['themes_page'] = '<a href="' . admin_url('themes.php') . '" title="' . attribute_escape(__('Themes page')) . '" target="_parent">' . __('Return to Themes page') . '</a>'; $install_actions['themes_page'] = '<a href="' . admin_url('themes.php') . '" title="' . attr(__('Themes page')) . '" target="_parent">' . __('Return to Themes page') . '</a>';
if ( ! $this->result || is_wp_error($this->result) ) if ( ! $this->result || is_wp_error($this->result) )
unset( $install_actions['activate'], $install_actions['preview'] ); unset( $install_actions['activate'], $install_actions['preview'] );
@ -995,9 +995,9 @@ class Theme_Upgrader_Skin extends WP_Upgrader_Skin {
$activate_link = wp_nonce_url("themes.php?action=activate&amp;template=" . urlencode($template) . "&amp;stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template); $activate_link = wp_nonce_url("themes.php?action=activate&amp;template=" . urlencode($template) . "&amp;stylesheet=" . urlencode($stylesheet), 'switch-theme_' . $template);
$update_actions = array( $update_actions = array(
'preview' => '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attribute_escape(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>', 'preview' => '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attr(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>',
'activate' => '<a href="' . $activate_link . '" class="activatelink" title="' . attribute_escape( sprintf( __('Activate "%s"'), $name ) ) . '">' . __('Activate') . '</a>', 'activate' => '<a href="' . $activate_link . '" class="activatelink" title="' . attr( sprintf( __('Activate "%s"'), $name ) ) . '">' . __('Activate') . '</a>',
'themes_page' => '<a href="' . admin_url('themes.php') . '" title="' . attribute_escape(__('Return to Themes page')) . '" target="_parent">' . __('Return to Themes page') . '</a>', 'themes_page' => '<a href="' . admin_url('themes.php') . '" title="' . attr(__('Return to Themes page')) . '" target="_parent">' . __('Return to Themes page') . '</a>',
); );
if ( ( ! $this->result || is_wp_error($this->result) ) || $stylesheet == get_stylesheet() ) if ( ( ! $this->result || is_wp_error($this->result) ) || $stylesheet == get_stylesheet() )
unset($update_actions['preview'], $update_actions['activate']); unset($update_actions['preview'], $update_actions['activate']);


@ -371,7 +371,7 @@ function wp_dashboard_quick_press() {
<form name="post" action="<?php echo clean_url( admin_url( 'post.php' ) ); ?>" method="post" id="quick-press"> <form name="post" action="<?php echo clean_url( admin_url( 'post.php' ) ); ?>" method="post" id="quick-press">
<h4 id="quick-post-title"><label for="title"><?php _e('Title') ?></label></h4> <h4 id="quick-post-title"><label for="title"><?php _e('Title') ?></label></h4>
<div class="input-text-wrap"> <div class="input-text-wrap">
<input type="text" name="post_title" id="title" tabindex="1" autocomplete="off" value="<?php echo attribute_escape( $post->post_title ); ?>" /> <input type="text" name="post_title" id="title" tabindex="1" autocomplete="off" value="<?php echo attr( $post->post_title ); ?>" />
</div> </div>
<?php if ( current_user_can( 'upload_files' ) ) : ?> <?php if ( current_user_can( 'upload_files' ) ) : ?>
@ -432,7 +432,7 @@ function wp_dashboard_recent_drafts( $drafts = false ) {
foreach ( $drafts as $draft ) { foreach ( $drafts as $draft ) {
$url = get_edit_post_link( $draft->ID ); $url = get_edit_post_link( $draft->ID );
$title = _draft_or_post_title( $draft->ID ); $title = _draft_or_post_title( $draft->ID );
$item = "<h4><a href='$url' title='" . sprintf( __( 'Edit "%s"' ), attribute_escape( $title ) ) . "'>$title</a> <abbr title='" . get_the_time(__('Y/m/d g:i:s A'), $draft) . "'>" . get_the_time( get_option( 'date_format' ), $draft ) . '</abbr></h4>'; $item = "<h4><a href='$url' title='" . sprintf( __( 'Edit "%s"' ), attr( $title ) ) . "'>$title</a> <abbr title='" . get_the_time(__('Y/m/d g:i:s A'), $draft) . "'>" . get_the_time( get_option( 'date_format' ), $draft ) . '</abbr></h4>';
if ( $the_content = preg_split( '#\s#', strip_tags( $draft->post_content ), 11, PREG_SPLIT_NO_EMPTY ) ) if ( $the_content = preg_split( '#\s#', strip_tags( $draft->post_content ), 11, PREG_SPLIT_NO_EMPTY ) )
$item .= '<p>' . join( ' ', array_slice( $the_content, 0, 10 ) ) . ( 10 < count( $the_content ) ? '&hellip;' : '' ) . '</p>'; $item .= '<p>' . join( ' ', array_slice( $the_content, 0, 10 ) ) . ( 10 < count( $the_content ) ? '&hellip;' : '' ) . '</p>';
$list[] = $item; $list[] = $item;
@ -579,9 +579,9 @@ function _wp_dashboard_recent_comments_row( &$comment, $show_date = true ) {
<div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden"> <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden">
<textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea> <textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea>
<div class="author-email"><?php echo attribute_escape( $comment->comment_author_email ); ?></div> <div class="author-email"><?php echo attr( $comment->comment_author_email ); ?></div>
<div class="author"><?php echo attribute_escape( $comment->comment_author ); ?></div> <div class="author"><?php echo attr( $comment->comment_author ); ?></div>
<div class="author-url"><?php echo attribute_escape( $comment->comment_author_url ); ?></div> <div class="author-url"><?php echo attr( $comment->comment_author_url ); ?></div>
<div class="comment_status"><?php echo $comment->comment_approved; ?></div> <div class="comment_status"><?php echo $comment->comment_approved; ?></div>
</div> </div>
</div> </div>


@ -731,12 +731,12 @@ jQuery(function($){
<table class="form-table"> <table class="form-table">
<tr valign="top"> <tr valign="top">
<th scope="row"><label for="hostname"><?php _e('Hostname') ?></label></th> <th scope="row"><label for="hostname"><?php _e('Hostname') ?></label></th>
<td><input name="hostname" type="text" id="hostname" value="<?php echo attribute_escape($hostname); if ( !empty($port) ) echo ":$port"; ?>"<?php if( defined('FTP_HOST') ) echo ' disabled="disabled"' ?> size="40" /></td> <td><input name="hostname" type="text" id="hostname" value="<?php echo attr($hostname); if ( !empty($port) ) echo ":$port"; ?>"<?php if( defined('FTP_HOST') ) echo ' disabled="disabled"' ?> size="40" /></td>
</tr> </tr>
<tr valign="top"> <tr valign="top">
<th scope="row"><label for="username"><?php _e('Username') ?></label></th> <th scope="row"><label for="username"><?php _e('Username') ?></label></th>
<td><input name="username" type="text" id="username" value="<?php echo attribute_escape($username) ?>"<?php if( defined('FTP_USER') ) echo ' disabled="disabled"' ?> size="40" /></td> <td><input name="username" type="text" id="username" value="<?php echo attr($username) ?>"<?php if( defined('FTP_USER') ) echo ' disabled="disabled"' ?> size="40" /></td>
</tr> </tr>
<tr valign="top"> <tr valign="top">
@ -750,7 +750,7 @@ jQuery(function($){
<label for="public_key"><?php _e('Public Key:') ?></label ><br /> <label for="public_key"><?php _e('Public Key:') ?></label ><br />
<label for="private_key"><?php _e('Private Key:') ?></label> <label for="private_key"><?php _e('Private Key:') ?></label>
</div></th> </div></th>
<td><br /><input name="public_key" type="text" id="public_key" value="<?php echo attribute_escape($public_key) ?>"<?php if( defined('FTP_PUBKEY') ) echo ' disabled="disabled"' ?> size="40" /><br /><input name="private_key" type="text" id="private_key" value="<?php echo attribute_escape($private_key) ?>"<?php if( defined('FTP_PRIKEY') ) echo ' disabled="disabled"' ?> size="40" /> <td><br /><input name="public_key" type="text" id="public_key" value="<?php echo attr($public_key) ?>"<?php if( defined('FTP_PUBKEY') ) echo ' disabled="disabled"' ?> size="40" /><br /><input name="private_key" type="text" id="private_key" value="<?php echo attr($private_key) ?>"<?php if( defined('FTP_PRIKEY') ) echo ' disabled="disabled"' ?> size="40" />
<div><?php _e('Enter the location on the server where the keys are located. If a passphrase is needed, enter that in the password field above.') ?></div></td> <div><?php _e('Enter the location on the server where the keys are located. If a passphrase is needed, enter that in the password field above.') ?></div></td>
</tr> </tr>
@ -767,10 +767,10 @@ jQuery(function($){
</table> </table>
<?php if ( isset( $_POST['version'] ) ) : ?> <?php if ( isset( $_POST['version'] ) ) : ?>
<input type="hidden" name="version" value="<?php echo attribute_escape($_POST['version']) ?>" /> <input type="hidden" name="version" value="<?php echo attr($_POST['version']) ?>" />
<?php endif; ?> <?php endif; ?>
<?php if ( isset( $_POST['locale'] ) ) : ?> <?php if ( isset( $_POST['locale'] ) ) : ?>
<input type="hidden" name="locale" value="<?php echo attribute_escape($_POST['locale']) ?>" /> <input type="hidden" name="locale" value="<?php echo attr($_POST['locale']) ?>" />
<?php endif; ?> <?php endif; ?>
<p class="submit"> <p class="submit">
<input id="upgrade" name="upgrade" type="submit" class="button" value="<?php _e('Proceed'); ?>" /> <input id="upgrade" name="upgrade" type="submit" class="button" value="<?php _e('Proceed'); ?>" />


@ -26,7 +26,7 @@ function add_filter() {}
/** /**
* @ignore * @ignore
*/ */
function attribute_escape() {} function attr() {}
/** /**
* @ignore * @ignore


@ -78,7 +78,7 @@ function the_media_upload_tabs() {
$class = " class='current'"; $class = " class='current'";
$href = add_query_arg(array('tab'=>$callback, 's'=>false, 'paged'=>false, 'post_mime_type'=>false, 'm'=>false)); $href = add_query_arg(array('tab'=>$callback, 's'=>false, 'paged'=>false, 'post_mime_type'=>false, 'm'=>false));
$link = "<a href='" . clean_url($href) . "'$class>$text</a>"; $link = "<a href='" . clean_url($href) . "'$class>$text</a>";
echo "\t<li id='" . attribute_escape("tab-$callback") . "'>$link</li>\n"; echo "\t<li id='" . attr("tab-$callback") . "'>$link</li>\n";
} }
echo "</ul>\n"; echo "</ul>\n";
} }
@ -104,7 +104,7 @@ function get_image_send_to_editor($id, $alt, $title, $align, $url='', $rel = fal
$html = get_image_tag($id, $htmlalt, $title, $align, $size); $html = get_image_tag($id, $htmlalt, $title, $align, $size);
$rel = $rel ? ' rel="attachment wp-att-'.attribute_escape($id).'"' : ''; $rel = $rel ? ' rel="attachment wp-att-'.attr($id).'"' : '';
if ( $url ) if ( $url )
$html = '<a href="' . clean_url($url) . "\"$rel>$html</a>"; $html = '<a href="' . clean_url($url) . "\"$rel>$html</a>";
@ -424,7 +424,7 @@ function media_upload_form_handler() {
$html = $attachment['post_title']; $html = $attachment['post_title'];
if ( !empty($attachment['url']) ) { if ( !empty($attachment['url']) ) {
if ( strpos($attachment['url'], 'attachment_id') || false !== strpos($attachment['url'], get_permalink($_POST['post_id'])) ) if ( strpos($attachment['url'], 'attachment_id') || false !== strpos($attachment['url'], get_permalink($_POST['post_id'])) )
$rel = " rel='attachment wp-att-".attribute_escape($send_id)."'"; $rel = " rel='attachment wp-att-".attr($send_id)."'";
$html = "<a href='{$attachment['url']}'$rel>$html</a>"; $html = "<a href='{$attachment['url']}'$rel>$html</a>";
} }
$html = apply_filters('media_send_to_editor', $html, $send_id, $attachment); $html = apply_filters('media_send_to_editor', $html, $send_id, $attachment);
@ -459,9 +459,9 @@ function media_upload_image() {
$src = $_POST['insertonly']['src']; $src = $_POST['insertonly']['src'];
if ( !empty($src) && !strpos($src, '://') ) if ( !empty($src) && !strpos($src, '://') )
$src = "http://$src"; $src = "http://$src";
$alt = attribute_escape($_POST['insertonly']['alt']); $alt = attr($_POST['insertonly']['alt']);
if ( isset($_POST['insertonly']['align']) ) { if ( isset($_POST['insertonly']['align']) ) {
$align = attribute_escape($_POST['insertonly']['align']); $align = attr($_POST['insertonly']['align']);
$class = " class='align$align'"; $class = " class='align$align'";
} }
if ( !empty($src) ) if ( !empty($src) )
@ -553,7 +553,7 @@ function media_upload_audio() {
$href = $_POST['insertonly']['href']; $href = $_POST['insertonly']['href'];
if ( !empty($href) && !strpos($href, '://') ) if ( !empty($href) && !strpos($href, '://') )
$href = "http://$href"; $href = "http://$href";
$title = attribute_escape($_POST['insertonly']['title']); $title = attr($_POST['insertonly']['title']);
if ( empty($title) ) if ( empty($title) )
$title = basename($href); $title = basename($href);
if ( !empty($title) && !empty($href) ) if ( !empty($title) && !empty($href) )
@ -607,7 +607,7 @@ function media_upload_video() {
$href = $_POST['insertonly']['href']; $href = $_POST['insertonly']['href'];
if ( !empty($href) && !strpos($href, '://') ) if ( !empty($href) && !strpos($href, '://') )
$href = "http://$href"; $href = "http://$href";
$title = attribute_escape($_POST['insertonly']['title']); $title = attr($_POST['insertonly']['title']);
if ( empty($title) ) if ( empty($title) )
$title = basename($href); $title = basename($href);
if ( !empty($title) && !empty($href) ) if ( !empty($title) && !empty($href) )
@ -661,7 +661,7 @@ function media_upload_file() {
$href = $_POST['insertonly']['href']; $href = $_POST['insertonly']['href'];
if ( !empty($href) && !strpos($href, '://') ) if ( !empty($href) && !strpos($href, '://') )
$href = "http://$href"; $href = "http://$href";
$title = attribute_escape($_POST['insertonly']['title']); $title = attr($_POST['insertonly']['title']);
if ( empty($title) ) if ( empty($title) )
$title = basename($href); $title = basename($href);
if ( !empty($title) && !empty($href) ) if ( !empty($title) && !empty($href) )
@ -825,10 +825,10 @@ function image_link_input_fields($post, $url_type='') {
elseif ( $url_type == 'post' ) elseif ( $url_type == 'post' )
$url = $link; $url = $link;
return "<input type='text' class='urlfield' name='attachments[$post->ID][url]' value='" . attribute_escape($url) . "' /><br /> return "<input type='text' class='urlfield' name='attachments[$post->ID][url]' value='" . attr($url) . "' /><br />
<button type='button' class='button urlnone' title=''>" . __('None') . "</button> <button type='button' class='button urlnone' title=''>" . __('None') . "</button>
<button type='button' class='button urlfile' title='" . attribute_escape($file) . "'>" . __('File URL') . "</button> <button type='button' class='button urlfile' title='" . attr($file) . "'>" . __('File URL') . "</button>
<button type='button' class='button urlpost' title='" . attribute_escape($link) . "'>" . __('Post URL') . "</button> <button type='button' class='button urlpost' title='" . attr($link) . "'>" . __('Post URL') . "</button>
"; ";
} }
@ -988,7 +988,7 @@ function get_attachment_fields_to_edit($post, $errors = null) {
'image_url' => array( 'image_url' => array(
'label' => __('File URL'), 'label' => __('File URL'),
'input' => 'html', 'input' => 'html',
'html' => "<input type='text' class='urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . attribute_escape($image_url) . "' /><br />", 'html' => "<input type='text' class='urlfield' readonly='readonly' name='attachments[$post->ID][url]' value='" . attr($image_url) . "' /><br />",
'value' => isset($edit_post->post_url) ? $edit_post->post_url : '', 'value' => isset($edit_post->post_url) ? $edit_post->post_url : '',
'helps' => __('Location of the uploaded file.'), 'helps' => __('Location of the uploaded file.'),
) )
@ -1085,19 +1085,19 @@ function get_media_item( $attachment_id, $args = null ) {
$post = get_post($attachment_id); $post = get_post($attachment_id);
$filename = basename($post->guid); $filename = basename($post->guid);
$title = attribute_escape($post->post_title); $title = attr($post->post_title);
if ( $_tags = get_the_tags($attachment_id) ) { if ( $_tags = get_the_tags($attachment_id) ) {
foreach ( $_tags as $tag ) foreach ( $_tags as $tag )
$tags[] = $tag->name; $tags[] = $tag->name;
$tags = attribute_escape(join(', ', $tags)); $tags = attr(join(', ', $tags));
} }
$type = ''; $type = '';
if ( isset($post_mime_types) ) { if ( isset($post_mime_types) ) {
$keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type)); $keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type));
$type = array_shift($keys); $type = array_shift($keys);
$type = "<input type='hidden' id='type-of-$attachment_id' value='" . attribute_escape( $type ) . "' />"; $type = "<input type='hidden' id='type-of-$attachment_id' value='" . attr( $type ) . "' />";
} }
$form_fields = get_attachment_fields_to_edit($post, $errors); $form_fields = get_attachment_fields_to_edit($post, $errors);
@ -1156,7 +1156,7 @@ function get_media_item( $attachment_id, $args = null ) {
$delete_href = wp_nonce_url("post.php?action=delete-post&amp;post=$attachment_id", 'delete-post_' . $attachment_id); $delete_href = wp_nonce_url("post.php?action=delete-post&amp;post=$attachment_id", 'delete-post_' . $attachment_id);
if ( $send ) if ( $send )
$send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attribute_escape( __( 'Insert into Post' ) ) . "' />"; $send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attr( __( 'Insert into Post' ) ) . "' />";
if ( $delete ) if ( $delete )
$delete = "<a href=\"#\" class=\"del-link\" onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __('Delete') . "</a>"; $delete = "<a href=\"#\" class=\"del-link\" onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __('Delete') . "</a>";
if ( ( $send || $delete ) && !isset($form_fields['buttons']) ) if ( ( $send || $delete ) && !isset($form_fields['buttons']) )
@ -1194,7 +1194,7 @@ function get_media_item( $attachment_id, $args = null ) {
elseif ( $field['input'] == 'textarea' ) { elseif ( $field['input'] == 'textarea' ) {
$item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . wp_specialchars( $field['value'] ) . "</textarea>"; $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . wp_specialchars( $field['value'] ) . "</textarea>";
} else { } else {
$item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>"; $item .= "<input type='text' id='$name' name='$name' value='" . attr( $field['value'] ) . "'" . $aria_required . "/>";
} }
if ( !empty($field['helps']) ) if ( !empty($field['helps']) )
$item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique((array) $field['helps']) ) . '</p>'; $item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique((array) $field['helps']) ) . '</p>';
@ -1222,7 +1222,7 @@ function get_media_item( $attachment_id, $args = null ) {
$item .= "\t</table>\n"; $item .= "\t</table>\n";
foreach ( $hidden_fields as $name => $value ) foreach ( $hidden_fields as $name => $value )
$item .= "\t<input type='hidden' name='$name' id='$name' value='" . attribute_escape( $value ) . "' />\n"; $item .= "\t<input type='hidden' name='$name' id='$name' value='" . attr( $value ) . "' />\n";
if ( $post->post_parent < 1 && isset($_REQUEST['post_id']) ) { if ( $post->post_parent < 1 && isset($_REQUEST['post_id']) ) {
$parent = (int) $_REQUEST['post_id']; $parent = (int) $_REQUEST['post_id'];
@ -1303,7 +1303,7 @@ SWFUpload.onload = function() {
button_width: "132", button_width: "132",
button_image_url: '<?php echo includes_url('images/upload.png'); ?>', button_image_url: '<?php echo includes_url('images/upload.png'); ?>',
button_placeholder_id: "flash-browse-button", button_placeholder_id: "flash-browse-button",
upload_url : "<?php echo attribute_escape( $flash_action_url ); ?>", upload_url : "<?php echo attr( $flash_action_url ); ?>",
flash_url : "<?php echo includes_url('js/swfupload/swfupload.swf'); ?>", flash_url : "<?php echo includes_url('js/swfupload/swfupload.swf'); ?>",
file_post_name: "async-upload", file_post_name: "async-upload",
file_types: "<?php echo apply_filters('upload_file_glob', '*.*'); ?>", file_types: "<?php echo apply_filters('upload_file_glob', '*.*'); ?>",
@ -1350,7 +1350,7 @@ SWFUpload.onload = function() {
<div id="html-upload-ui"> <div id="html-upload-ui">
<?php do_action('pre-html-upload-ui'); ?> <?php do_action('pre-html-upload-ui'); ?>
<p id="async-upload-wrap"> <p id="async-upload-wrap">
<input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a> <input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attr(__('Upload')); ?>" /> <a href="#" onclick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
</p> </p>
<div class="clear"></div> <div class="clear"></div>
<?php if ( is_lighttpd_before_150() ): ?> <?php if ( is_lighttpd_before_150() ): ?>
@ -1380,7 +1380,7 @@ function media_upload_type_form($type = 'file', $errors = null, $id = null) {
$form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type); $form_action_url = apply_filters('media_upload_form_url', $form_action_url, $type);
?> ?>
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form"> <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
<?php wp_nonce_field('media-form'); ?> <?php wp_nonce_field('media-form'); ?>
@ -1412,7 +1412,7 @@ if ( $id ) {
} }
?> ?>
</div> </div>
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" /> <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<?php <?php
} }
@ -1436,7 +1436,7 @@ function media_upload_type_url_form($type = 'file', $errors = null, $id = null)
$callback = "type_url_form_$type"; $callback = "type_url_form_$type";
?> ?>
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form"> <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
<?php wp_nonce_field('media-form'); ?> <?php wp_nonce_field('media-form'); ?>
@ -1570,7 +1570,7 @@ jQuery(function($){
<a href="#" id="desc"><?php _e('Descending'); ?></a> | <a href="#" id="desc"><?php _e('Descending'); ?></a> |
<a href="#" id="clear"><?php _e('Clear'); ?></a> <a href="#" id="clear"><?php _e('Clear'); ?></a>
</div> </div>
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form validate" id="gallery-form"> <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form validate" id="gallery-form">
<?php wp_nonce_field('media-form'); ?> <?php wp_nonce_field('media-form'); ?>
<?php //media_upload_form( $errors ); ?> <?php //media_upload_form( $errors ); ?>
<table class="widefat" cellspacing="0"> <table class="widefat" cellspacing="0">
@ -1585,10 +1585,10 @@ jQuery(function($){
</div> </div>
<p class="ml-submit"> <p class="ml-submit">
<input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" /> <input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
<input type="hidden" name="type" value="<?php echo attribute_escape( $GLOBALS['type'] ); ?>" /> <input type="hidden" name="type" value="<?php echo attr( $GLOBALS['type'] ); ?>" />
<input type="hidden" name="tab" value="<?php echo attribute_escape( $GLOBALS['tab'] ); ?>" /> <input type="hidden" name="tab" value="<?php echo attr( $GLOBALS['tab'] ); ?>" />
</p> </p>
<div id="gallery-settings" style="display:none;"> <div id="gallery-settings" style="display:none;">
@ -1662,8 +1662,8 @@ jQuery(function($){
</tbody></table> </tbody></table>
<p class="ml-submit"> <p class="ml-submit">
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php echo attribute_escape( __( 'Insert gallery' ) ); ?>" /> <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php echo attr( __( 'Insert gallery' ) ); ?>" />
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php echo attribute_escape( __( 'Update gallery settings' ) ); ?>" /> <input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php echo attr( __( 'Update gallery settings' ) ); ?>" />
</p> </p>
</div> </div>
</form> </form>
@ -1699,15 +1699,15 @@ function media_upload_library_form($errors) {
?> ?>
<form id="filter" action="" method="get"> <form id="filter" action="" method="get">
<input type="hidden" name="type" value="<?php echo attribute_escape( $type ); ?>" /> <input type="hidden" name="type" value="<?php echo attr( $type ); ?>" />
<input type="hidden" name="tab" value="<?php echo attribute_escape( $tab ); ?>" /> <input type="hidden" name="tab" value="<?php echo attr( $tab ); ?>" />
<input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" /> <input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" />
<input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? attribute_escape( $_GET['post_mime_type'] ) : ''; ?>" /> <input type="hidden" name="post_mime_type" value="<?php echo isset( $_GET['post_mime_type'] ) ? attr( $_GET['post_mime_type'] ) : ''; ?>" />
<p id="media-search" class="search-box"> <p id="media-search" class="search-box">
<label class="hidden" for="media-search-input"><?php _e('Search Media');?>:</label> <label class="hidden" for="media-search-input"><?php _e('Search Media');?>:</label>
<input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" /> <input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" />
<input type="submit" value="<?php echo attribute_escape( __( 'Search Media' ) ); ?>" class="button" /> <input type="submit" value="<?php echo attr( __( 'Search Media' ) ); ?>" class="button" />
</p> </p>
<ul class="subsubsub"> <ul class="subsubsub">
@ -1786,7 +1786,7 @@ foreach ($arc_result as $arc_row) {
else else
$default = ''; $default = '';
echo "<option$default value='" . attribute_escape( $arc_row->yyear . $arc_row->mmonth ) . "'>"; echo "<option$default value='" . attr( $arc_row->yyear . $arc_row->mmonth ) . "'>";
echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" ); echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" );
echo "</option>\n"; echo "</option>\n";
} }
@ -1794,7 +1794,7 @@ foreach ($arc_result as $arc_row) {
</select> </select>
<?php } ?> <?php } ?>
<input type="submit" id="post-query-submit" value="<?php echo attribute_escape( __( 'Filter &#187;' ) ); ?>" class="button-secondary" /> <input type="submit" id="post-query-submit" value="<?php echo attr( __( 'Filter &#187;' ) ); ?>" class="button-secondary" />
</div> </div>
@ -1802,7 +1802,7 @@ foreach ($arc_result as $arc_row) {
</div> </div>
</form> </form>
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form validate" id="library-form"> <form enctype="multipart/form-data" method="post" action="<?php echo attr($form_action_url); ?>" class="media-upload-form validate" id="library-form">
<?php wp_nonce_field('media-form'); ?> <?php wp_nonce_field('media-form'); ?>
<?php //media_upload_form( $errors ); ?> <?php //media_upload_form( $errors ); ?>
@ -1824,7 +1824,7 @@ jQuery(function($){
<?php echo get_media_items(null, $errors); ?> <?php echo get_media_items(null, $errors); ?>
</div> </div>
<p class="ml-submit"> <p class="ml-submit">
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" /> <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" /> <input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
</p> </p>
</form> </form>
@ -1906,7 +1906,7 @@ function type_url_form_image() {
<tr> <tr>
<td></td> <td></td>
<td> <td>
<input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attribute_escape(__('Insert into Post')) . '" /> <input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attr(__('Insert into Post')) . '" />
</td> </td>
</tr> </tr>
</tbody></table> </tbody></table>
@ -1942,7 +1942,7 @@ function type_url_form_audio() {
<tr> <tr>
<td></td> <td></td>
<td> <td>
<input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" /> <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
</td> </td>
</tr> </tr>
</tbody></table> </tbody></table>
@ -1977,7 +1977,7 @@ function type_url_form_video() {
<tr> <tr>
<td></td> <td></td>
<td> <td>
<input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" /> <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
</td> </td>
</tr> </tr>
</tbody></table> </tbody></table>
@ -2012,7 +2012,7 @@ function type_url_form_file() {
<tr> <tr>
<td></td> <td></td>
<td> <td>
<input type="submit" class="button" name="insertonlybutton" value="' . attribute_escape(__('Insert into Post')) . '" /> <input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
</td> </td>
</tr> </tr>
</tbody></table> </tbody></table>


@ -162,8 +162,8 @@ function install_search_form(){
<option value="author"<?php selected('author', $type) ?>><?php _e('Author') ?></option> <option value="author"<?php selected('author', $type) ?>><?php _e('Author') ?></option>
<option value="tag"<?php selected('tag', $type) ?>><?php _x('Tag', 'Plugin Installer') ?></option> <option value="tag"<?php selected('tag', $type) ?>><?php _x('Tag', 'Plugin Installer') ?></option>
</select> </select>
<input type="text" name="s" value="<?php echo attribute_escape($term) ?>" /> <input type="text" name="s" value="<?php echo attr($term) ?>" />
<input type="submit" name="search" value="<?php echo attribute_escape(__('Search')) ?>" class="button" /> <input type="submit" name="search" value="<?php echo attr(__('Search')) ?>" class="button" />
</form><?php </form><?php
} }
@ -334,12 +334,12 @@ function display_plugins_table($plugins, $page = 1, $totalpages = 1){
$author = wp_kses($author, $plugins_allowedtags); $author = wp_kses($author, $plugins_allowedtags);
if( isset($plugin['homepage']) ) if( isset($plugin['homepage']) )
$title = '<a target="_blank" href="' . attribute_escape($plugin['homepage']) . '">' . $title . '</a>'; $title = '<a target="_blank" href="' . attr($plugin['homepage']) . '">' . $title . '</a>';
$action_links = array(); $action_links = array();
$action_links[] = '<a href="' . admin_url('plugin-install.php?tab=plugin-information&amp;plugin=' . $plugin['slug'] . $action_links[] = '<a href="' . admin_url('plugin-install.php?tab=plugin-information&amp;plugin=' . $plugin['slug'] .
'&amp;TB_iframe=true&amp;width=600&amp;height=800') . '" class="thickbox onclick" title="' . '&amp;TB_iframe=true&amp;width=600&amp;height=800') . '" class="thickbox onclick" title="' .
attribute_escape($name) . '">' . __('Install') . '</a>'; attr($name) . '">' . __('Install') . '</a>';
$action_links = apply_filters('plugin_install_action_links', $action_links, $plugin); $action_links = apply_filters('plugin_install_action_links', $action_links, $plugin);
?> ?>
@ -348,7 +348,7 @@ function display_plugins_table($plugins, $page = 1, $totalpages = 1){
<td class="vers"><?php echo $version; ?></td> <td class="vers"><?php echo $version; ?></td>
<td class="vers"> <td class="vers">
<div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $plugin['num_ratings']), number_format_i18n($plugin['num_ratings'])) ?>"> <div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $plugin['num_ratings']), number_format_i18n($plugin['num_ratings'])) ?>">
<div class="star star-rating" style="width: <?php echo attribute_escape($plugin['rating']) ?>px"></div> <div class="star star-rating" style="width: <?php echo attr($plugin['rating']) ?>px"></div>
<div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div> <div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div>
<div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div> <div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div>
<div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div> <div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div>
@ -416,7 +416,7 @@ function install_plugin_information() {
$class = ( $section_name == $section ) ? ' class="current"' : ''; $class = ( $section_name == $section ) ? ' class="current"' : '';
$href = add_query_arg( array('tab' => $tab, 'section' => $section_name) ); $href = add_query_arg( array('tab' => $tab, 'section' => $section_name) );
$href = clean_url($href); $href = clean_url($href);
$san_title = attribute_escape(sanitize_title_with_dashes($title)); $san_title = attr(sanitize_title_with_dashes($title));
echo "\t<li><a name='$san_title' target='' href='$href'$class>$title</a></li>\n"; echo "\t<li><a name='$san_title' target='' href='$href'$class>$title</a></li>\n";
} }
echo "</ul>\n"; echo "</ul>\n";
@ -505,7 +505,7 @@ function install_plugin_information() {
</ul> </ul>
<h2><?php _e('Average Rating') ?></h2> <h2><?php _e('Average Rating') ?></h2>
<div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $api->num_ratings), number_format_i18n($api->num_ratings)); ?>"> <div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $api->num_ratings), number_format_i18n($api->num_ratings)); ?>">
<div class="star star-rating" style="width: <?php echo attribute_escape($api->rating) ?>px"></div> <div class="star star-rating" style="width: <?php echo attr($api->rating) ?>px"></div>
<div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div> <div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div>
<div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div> <div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div>
<div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div> <div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div>
@ -530,7 +530,7 @@ function install_plugin_information() {
$content = links_add_base_url($content, 'http://wordpress.org/extend/plugins/' . $api->slug . '/'); $content = links_add_base_url($content, 'http://wordpress.org/extend/plugins/' . $api->slug . '/');
$content = links_add_target($content, '_blank'); $content = links_add_target($content, '_blank');
$san_title = attribute_escape(sanitize_title_with_dashes($title)); $san_title = attr(sanitize_title_with_dashes($title));
$display = ( $section_name == $section ) ? 'block' : 'none'; $display = ( $section_name == $section ) ? 'block' : 'none';
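Review bot: In the display_plugins_table hunk the plugin homepage is still written into an href through attr() (`$title = '<a target="_blank" href="' . attr($plugin['homepage']) . '">' ...`); attr() only entity-encodes for attribute context and does not validate the URL scheme, so a `javascript:` or `data:` value in the API response (presumably where `$plugin['homepage']` comes from) would become a clickable link. The same section already runs hrefs through clean_url() in install_plugin_information, so the consistent fix is `href="' . clean_url($plugin['homepage']) . '"`. The rating values emitted into `style="width: …px"` are likewise passed through attr() rather than cast; `(int) $plugin['rating']` and `(int) $api->rating` pin the numeric type that CSS context actually needs. display_plugins_table and install_plugin_information both start and end outside these hunks.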


@ -222,7 +222,7 @@ function get_terms_to_edit( $post_id, $taxonomy = 'post_tag' ) {
foreach ( $tags as $tag ) foreach ( $tags as $tag )
$tag_names[] = $tag->name; $tag_names[] = $tag->name;
$tags_to_edit = join( ',', $tag_names ); $tags_to_edit = join( ',', $tag_names );
$tags_to_edit = attribute_escape( $tags_to_edit ); $tags_to_edit = attr( $tags_to_edit );
$tags_to_edit = apply_filters( 'terms_to_edit', $tags_to_edit, $taxonomy ); $tags_to_edit = apply_filters( 'terms_to_edit', $tags_to_edit, $taxonomy );
return $tags_to_edit; return $tags_to_edit;
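Review bot: get_terms_to_edit applies attr() to the joined tag list before the `terms_to_edit` filter runs and then returns that value, so both filter callbacks and callers receive text that is already escaped for an HTML attribute, and a caller that escapes again will double-encode `&` in tag names; nothing in the hunk says so. I would add to the function's docblock: `Returns the comma-separated term names already escaped for use in an HTML attribute (via attr()); callers must not escape the value a second time, and 'terms_to_edit' filter callbacks receive and must return escaped text.` The function's signature and docblock are outside the hunk.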


@ -118,7 +118,7 @@ function _cat_row( $category, $level, $name_override = false ) {
$name = ( $name_override ? $name_override : $pad . ' ' . $category->name ); $name = ( $name_override ? $name_override : $pad . ' ' . $category->name );
$edit_link = "categories.php?action=edit&amp;cat_ID=$category->term_id"; $edit_link = "categories.php?action=edit&amp;cat_ID=$category->term_id";
if ( current_user_can( 'manage_categories' ) ) { if ( current_user_can( 'manage_categories' ) ) {
$edit = "<a class='row-title' href='$edit_link' title='" . attribute_escape(sprintf(__('Edit "%s"'), $category->name)) . "'>" . attribute_escape( $name ) . '</a><br />'; $edit = "<a class='row-title' href='$edit_link' title='" . attr(sprintf(__('Edit "%s"'), $category->name)) . "'>" . attr( $name ) . '</a><br />';
$actions = array(); $actions = array();
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>'; $actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>';
@ -257,7 +257,7 @@ function inline_edit_term_row($type) {
<p class="inline-edit-save submit"> <p class="inline-edit-save submit">
<a accesskey="c" href="#inline-edit" title="<?php _e('Cancel'); ?>" class="cancel button-secondary alignleft"><?php _e('Cancel'); ?></a> <a accesskey="c" href="#inline-edit" title="<?php _e('Cancel'); ?>" class="cancel button-secondary alignleft"><?php _e('Cancel'); ?></a>
<?php $update_text = ( $is_tag ) ? __( 'Update Tag' ) : __( 'Update Category' ); ?> <?php $update_text = ( $is_tag ) ? __( 'Update Tag' ) : __( 'Update Category' ); ?>
<a accesskey="s" href="#inline-edit" title="<?php echo attribute_escape( $update_text ); ?>" class="save button-primary alignright"><?php echo $update_text; ?></a> <a accesskey="s" href="#inline-edit" title="<?php echo attr( $update_text ); ?>" class="save button-primary alignright"><?php echo $update_text; ?></a>
<img class="waiting" style="display:none;" src="images/loading.gif" alt="" /> <img class="waiting" style="display:none;" src="images/loading.gif" alt="" />
<span class="error" style="display:none;"></span> <span class="error" style="display:none;"></span>
<?php wp_nonce_field( 'taxinlineeditnonce', '_inline_edit', false ); ?> <?php wp_nonce_field( 'taxinlineeditnonce', '_inline_edit', false ); ?>
@ -289,7 +289,7 @@ function link_cat_row( $category, $name_override = false ) {
$name = ( $name_override ? $name_override : $category->name ); $name = ( $name_override ? $name_override : $category->name );
$edit_link = "link-category.php?action=edit&amp;cat_ID=$category->term_id"; $edit_link = "link-category.php?action=edit&amp;cat_ID=$category->term_id";
if ( current_user_can( 'manage_categories' ) ) { if ( current_user_can( 'manage_categories' ) ) {
$edit = "<a class='row-title' href='$edit_link' title='" . attribute_escape(sprintf(__('Edit "%s"'), $category->name)) . "'>$name</a><br />"; $edit = "<a class='row-title' href='$edit_link' title='" . attr(sprintf(__('Edit "%s"'), $category->name)) . "'>$name</a><br />";
$actions = array(); $actions = array();
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>'; $actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>';
@ -649,7 +649,7 @@ function _tag_row( $tag, $class = '', $taxonomy = 'post_tag' ) {
$out .= '<th scope="row" class="check-column"> <input type="checkbox" name="delete_tags[]" value="' . $tag->term_id . '" /></th>'; $out .= '<th scope="row" class="check-column"> <input type="checkbox" name="delete_tags[]" value="' . $tag->term_id . '" /></th>';
break; break;
case 'name': case 'name':
$out .= '<td ' . $attributes . '><strong><a class="row-title" href="' . $edit_link . '" title="' . attribute_escape(sprintf(__('Edit "%s"'), $name)) . '">' . $name . '</a></strong><br />'; $out .= '<td ' . $attributes . '><strong><a class="row-title" href="' . $edit_link . '" title="' . attr(sprintf(__('Edit "%s"'), $name)) . '">' . $name . '</a></strong><br />';
$actions = array(); $actions = array();
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>'; $actions['inline hide-if-no-js'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>';
@ -1247,12 +1247,12 @@ function inline_edit_row( $type ) {
wp_nonce_field( 'inlineeditnonce', '_inline_edit', false ); wp_nonce_field( 'inlineeditnonce', '_inline_edit', false );
$update_text = ( $is_page ) ? __( 'Update Page' ) : __( 'Update Post' ); $update_text = ( $is_page ) ? __( 'Update Page' ) : __( 'Update Post' );
?> ?>
<a accesskey="s" href="#inline-edit" title="<?php _e('Update'); ?>" class="button-primary save alignright"><?php echo attribute_escape( $update_text ); ?></a> <a accesskey="s" href="#inline-edit" title="<?php _e('Update'); ?>" class="button-primary save alignright"><?php echo attr( $update_text ); ?></a>
<img class="waiting" style="display:none;" src="images/loading.gif" alt="" /> <img class="waiting" style="display:none;" src="images/loading.gif" alt="" />
<?php } else { <?php } else {
$update_text = ( $is_page ) ? __( 'Update Pages' ) : __( 'Update Posts' ); $update_text = ( $is_page ) ? __( 'Update Pages' ) : __( 'Update Posts' );
?> ?>
<input accesskey="s" class="button-primary alignright" type="submit" name="bulk_edit" value="<?php echo attribute_escape( $update_text ); ?>" /> <input accesskey="s" class="button-primary alignright" type="submit" name="bulk_edit" value="<?php echo attr( $update_text ); ?>" />
<?php } ?> <?php } ?>
<input type="hidden" name="post_view" value="<?php echo $m; ?>" /> <input type="hidden" name="post_view" value="<?php echo $m; ?>" />
<br class="clear" /> <br class="clear" />
@ -1278,7 +1278,7 @@ function get_inline_data($post) {
if ( ! current_user_can('edit_' . $post->post_type, $post->ID) ) if ( ! current_user_can('edit_' . $post->post_type, $post->ID) )
return; return;
$title = attribute_escape($post->post_title); $title = attr($post->post_title);
echo ' echo '
<div class="hidden" id="inline_' . $post->ID . '"> <div class="hidden" id="inline_' . $post->ID . '">
@ -1427,22 +1427,22 @@ function _post_row($a_post, $pending_comments, $mode) {
case 'title': case 'title':
$attributes = 'class="post-title column-title"' . $style; $attributes = 'class="post-title column-title"' . $style;
?> ?>
<td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $post->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $title)); ?>"><?php echo $title ?></a><?php } else { echo $title; }; _post_states($post); ?></strong> <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $post->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $title)); ?>"><?php echo $title ?></a><?php } else { echo $title; }; _post_states($post); ?></strong>
<?php <?php
if ( 'excerpt' == $mode ) if ( 'excerpt' == $mode )
the_excerpt(); the_excerpt();
$actions = array(); $actions = array();
if ( current_user_can('edit_post', $post->ID) ) { if ( current_user_can('edit_post', $post->ID) ) {
$actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '" title="' . attribute_escape(__('Edit this post')) . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '" title="' . attr(__('Edit this post')) . '">' . __('Edit') . '</a>';
$actions['inline hide-if-no-js'] = '<a href="#" class="editinline" title="' . attribute_escape(__('Edit this post inline')) . '">' . __('Quick&nbsp;Edit') . '</a>'; $actions['inline hide-if-no-js'] = '<a href="#" class="editinline" title="' . attr(__('Edit this post inline')) . '">' . __('Quick&nbsp;Edit') . '</a>';
$actions['delete'] = "<a class='submitdelete' title='" . attribute_escape(__('Delete this post')) . "' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>"; $actions['delete'] = "<a class='submitdelete' title='" . attr(__('Delete this post')) . "' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this post '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
} }
if ( in_array($post->post_status, array('pending', 'draft')) ) { if ( in_array($post->post_status, array('pending', 'draft')) ) {
if ( current_user_can('edit_post', $post->ID) ) if ( current_user_can('edit_post', $post->ID) )
$actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attribute_escape(sprintf(__('Preview "%s"'), $title)) . '" rel="permalink">' . __('Preview') . '</a>'; $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attr(sprintf(__('Preview "%s"'), $title)) . '" rel="permalink">' . __('Preview') . '</a>';
} else { } else {
$actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attribute_escape(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>'; $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attr(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>';
} }
$actions = apply_filters('post_row_actions', $actions, $post); $actions = apply_filters('post_row_actions', $actions, $post);
$action_count = count($actions); $action_count = count($actions);
@ -1643,19 +1643,19 @@ foreach ($posts_columns as $column_name=>$column_display_name) {
$attributes = 'class="post-title page-title column-title"' . $style; $attributes = 'class="post-title page-title column-title"' . $style;
$edit_link = get_edit_post_link( $page->ID ); $edit_link = get_edit_post_link( $page->ID );
?> ?>
<td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . wp_specialchars($parent_name) : ''; ?></strong> <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . wp_specialchars($parent_name) : ''; ?></strong>
<?php <?php
$actions = array(); $actions = array();
if ( current_user_can('edit_page', $page->ID) ) { if ( current_user_can('edit_page', $page->ID) ) {
$actions['edit'] = '<a href="' . $edit_link . '" title="' . attribute_escape(__('Edit this page')) . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . $edit_link . '" title="' . attr(__('Edit this page')) . '">' . __('Edit') . '</a>';
$actions['inline'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>'; $actions['inline'] = '<a href="#" class="editinline">' . __('Quick&nbsp;Edit') . '</a>';
$actions['delete'] = "<a class='submitdelete' title='" . attribute_escape(__('Delete this page')) . "' href='" . wp_nonce_url("page.php?action=delete&amp;post=$page->ID", 'delete-page_' . $page->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $page->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n 'Cancel' to stop, 'OK' to delete."), $page->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>"; $actions['delete'] = "<a class='submitdelete' title='" . attr(__('Delete this page')) . "' href='" . wp_nonce_url("page.php?action=delete&amp;post=$page->ID", 'delete-page_' . $page->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $page->post_status) ? __("You are about to delete this draft '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this page '%s'\n 'Cancel' to stop, 'OK' to delete."), $page->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
} }
if ( in_array($post->post_status, array('pending', 'draft')) ) { if ( in_array($post->post_status, array('pending', 'draft')) ) {
if ( current_user_can('edit_page', $page->ID) ) if ( current_user_can('edit_page', $page->ID) )
$actions['view'] = '<a href="' . get_permalink($page->ID) . '" title="' . attribute_escape(sprintf(__('Preview "%s"'), $title)) . '" rel="permalink">' . __('Preview') . '</a>'; $actions['view'] = '<a href="' . get_permalink($page->ID) . '" title="' . attr(sprintf(__('Preview "%s"'), $title)) . '" rel="permalink">' . __('Preview') . '</a>';
} else { } else {
$actions['view'] = '<a href="' . get_permalink($page->ID) . '" title="' . attribute_escape(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>'; $actions['view'] = '<a href="' . get_permalink($page->ID) . '" title="' . attr(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>';
} }
$actions = apply_filters('page_row_actions', $actions, $page); $actions = apply_filters('page_row_actions', $actions, $page);
$action_count = count($actions); $action_count = count($actions);
@ -2114,9 +2114,9 @@ function _wp_comment_row( $comment_id, $mode, $comment_status, $checkbox = true,
comment_text(); ?> comment_text(); ?>
<div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden"> <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden">
<textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea> <textarea class="comment" rows="3" cols="10"><?php echo $comment->comment_content; ?></textarea>
<div class="author-email"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author_email ); ?></div> <div class="author-email"><?php if ( $user_can ) echo attr( $comment->comment_author_email ); ?></div>
<div class="author"><?php if ( $user_can ) echo attribute_escape( $comment->comment_author ); ?></div> <div class="author"><?php if ( $user_can ) echo attr( $comment->comment_author ); ?></div>
<div class="author-url"><?php echo attribute_escape( $comment->comment_author_url ); ?></div> <div class="author-url"><?php echo attr( $comment->comment_author_url ); ?></div>
<div class="comment_status"><?php echo $comment->comment_approved; ?></div> <div class="comment_status"><?php echo $comment->comment_approved; ?></div>
</div> </div>
<?php <?php
@ -2417,7 +2417,7 @@ function _list_meta_row( $entry, &$count ) {
} }
} }
$entry['meta_key'] = attribute_escape($entry['meta_key']); $entry['meta_key'] = attr($entry['meta_key']);
$entry['meta_value'] = htmlspecialchars($entry['meta_value']); // using a <textarea /> $entry['meta_value'] = htmlspecialchars($entry['meta_value']); // using a <textarea />
$entry['meta_id'] = (int) $entry['meta_id']; $entry['meta_id'] = (int) $entry['meta_id'];
@ -2427,8 +2427,8 @@ function _list_meta_row( $entry, &$count ) {
$r .= "\n\t\t<td class='left'><label class='hidden' for='meta[{$entry['meta_id']}][key]'>" . __( 'Key' ) . "</label><input name='meta[{$entry['meta_id']}][key]' id='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' />"; $r .= "\n\t\t<td class='left'><label class='hidden' for='meta[{$entry['meta_id']}][key]'>" . __( 'Key' ) . "</label><input name='meta[{$entry['meta_id']}][key]' id='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' />";
$r .= "\n\t\t<div class='submit'><input name='deletemeta[{$entry['meta_id']}]' type='submit' "; $r .= "\n\t\t<div class='submit'><input name='deletemeta[{$entry['meta_id']}]' type='submit' ";
$r .= "class='delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' />"; $r .= "class='delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce deletemeta' tabindex='6' value='".attr(__( 'Delete' ))."' />";
$r .= "\n\t\t<input name='updatemeta' type='submit' tabindex='6' value='".attribute_escape(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$update_nonce updatemeta' /></div>"; $r .= "\n\t\t<input name='updatemeta' type='submit' tabindex='6' value='".attr(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$update_nonce updatemeta' /></div>";
$r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false ); $r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false );
$r .= "</td>"; $r .= "</td>";
@ -2472,7 +2472,7 @@ function meta_form() {
<?php <?php
foreach ( $keys as $key ) { foreach ( $keys as $key ) {
$key = attribute_escape( $key ); $key = attr( $key );
echo "\n<option value='$key'>$key</option>"; echo "\n<option value='$key'>$key</option>";
} }
?> ?>
@ -2782,7 +2782,7 @@ function wp_import_upload_form( $action ) {
<p><strong><?php echo $upload_dir['error']; ?></strong></p></div><?php <p><strong><?php echo $upload_dir['error']; ?></strong></p></div><?php
else : else :
?> ?>
<form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo attribute_escape($action) ?>"> <form enctype="multipart/form-data" id="import-upload-form" method="post" action="<?php echo attr($action) ?>">
<p> <p>
<?php wp_nonce_field('import-upload'); ?> <?php wp_nonce_field('import-upload'); ?>
<label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?>) <label for="upload"><?php _e( 'Choose a file from your computer:' ); ?></label> (<?php printf( __('Maximum size: %s' ), $size ); ?>)
@ -2805,7 +2805,7 @@ function wp_import_upload_form( $action ) {
*/ */
function wp_remember_old_slug() { function wp_remember_old_slug() {
global $post; global $post;
$name = attribute_escape($post->post_name); // just in case $name = attr($post->post_name); // just in case
if ( strlen($name) ) if ( strlen($name) )
echo '<input type="hidden" id="wp-old-slug" name="wp-old-slug" value="' . $name . '" />'; echo '<input type="hidden" id="wp-old-slug" name="wp-old-slug" value="' . $name . '" />';
} }
@ -3171,15 +3171,15 @@ function find_posts_div($found_action = '') {
/** /**
* Display the post password. * Display the post password.
* *
* The password is passed through {@link attribute_escape()} to ensure that it * The password is passed through {@link attr()} to ensure that it
* is safe for placing in an html attribute. * is safe for placing in an html attribute.
* *
* @uses attribute_escape * @uses attr
* @since 2.7.0 * @since 2.7.0
*/ */
function the_post_password() { function the_post_password() {
global $post; global $post;
if ( isset( $post->post_password ) ) echo attribute_escape( $post->post_password ); if ( isset( $post->post_password ) ) echo attr( $post->post_password );
} }
/** /**
@ -3297,12 +3297,12 @@ function _draft_or_post_title($post_id = 0)
* A simple wrapper to display the "s" parameter in a GET URI. This function * A simple wrapper to display the "s" parameter in a GET URI. This function
* should only be used when {@link the_search_query()} cannot. * should only be used when {@link the_search_query()} cannot.
* *
* @uses attribute_escape * @uses attr
* @since 2.7.0 * @since 2.7.0
* *
*/ */
function _admin_search_query() { function _admin_search_query() {
echo isset($_GET['s']) ? attribute_escape( stripslashes( $_GET['s'] ) ) : ''; echo isset($_GET['s']) ? attr( stripslashes( $_GET['s'] ) ) : '';
} }
/** /**
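Review bot: In the _wp_comment_row hunk the inline-edit block escapes the author e-mail, name and URL with attr() but echoes `$comment->comment_content` into `<textarea class="comment">` raw; a comment body containing `</textarea>` would close the element and the remainder would be parsed as markup in the admin list. Elsewhere in this same file _list_meta_row does `htmlspecialchars($entry['meta_value']); // using a <textarea />` for exactly this case, so the consistent fix is `<textarea class="comment" rows="3" cols="10"><?php echo htmlspecialchars($comment->comment_content); ?></textarea>`. This presumably relies today on the content having been kses-filtered at save time, which, if it is the only protection, would not cover content saved by users allowed unfiltered HTML. _wp_comment_row starts and ends outside the hunk.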


@ -158,8 +158,8 @@ function install_theme_search_form() {
<option value="author" <?php selected('author', $type) ?>><?php _e('Author'); ?></option> <option value="author" <?php selected('author', $type) ?>><?php _e('Author'); ?></option>
<option value="tag" <?php selected('tag', $type) ?>><?php _e('Tag'); ?></option> <option value="tag" <?php selected('tag', $type) ?>><?php _e('Tag'); ?></option>
</select> </select>
<input type="text" name="s" size="30" value="<?php echo attribute_escape($term) ?>" /> <input type="text" name="s" size="30" value="<?php echo attr($term) ?>" />
<input type="submit" name="search" value="<?php echo attribute_escape(__('Search')); ?>" class="button" /> <input type="submit" name="search" value="<?php echo attr(__('Search')); ?>" class="button" />
</form> </form>
<?php <?php
} }
@ -202,7 +202,7 @@ function install_themes_dashboard() {
if ( isset($trans[$feature]) ) if ( isset($trans[$feature]) )
$feature_name = $trans[$feature]; $feature_name = $trans[$feature];
$feature_name = wp_specialchars( $feature_name ); $feature_name = wp_specialchars( $feature_name );
$feature = attribute_escape($feature); $feature = attr($feature);
?> ?>
<li> <li>
@ -218,7 +218,7 @@ function install_themes_dashboard() {
</div> </div>
<br class="clear" /> <br class="clear" />
<input type="submit" name="search" value="<?php echo attribute_escape(__('Find Themes')); ?>" class="button" /> <input type="submit" name="search" value="<?php echo attr(__('Find Themes')); ?>" class="button" />
</form> </form>
<?php <?php
} }
@ -301,8 +301,8 @@ function display_theme($theme, $actions = null, $show_details = true) {
if ( !is_array($actions) ) { if ( !is_array($actions) ) {
$actions = array(); $actions = array();
$actions[] = '<a href="' . admin_url('theme-install.php?tab=theme-information&amp;theme=' . $theme->slug . $actions[] = '<a href="' . admin_url('theme-install.php?tab=theme-information&amp;theme=' . $theme->slug .
'&amp;TB_iframe=true&amp;tbWidth=500&amp;tbHeight=350') . '" class="thickbox thickbox-preview onclick" title="' . attribute_escape(sprintf(__('Install "%s"'), $name)) . '">' . __('Install') . '</a>'; '&amp;TB_iframe=true&amp;tbWidth=500&amp;tbHeight=350') . '" class="thickbox thickbox-preview onclick" title="' . attr(sprintf(__('Install "%s"'), $name)) . '">' . __('Install') . '</a>';
$actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview onclick previewlink" title="' . attribute_escape(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>'; $actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview onclick previewlink" title="' . attr(sprintf(__('Preview "%s"'), $name)) . '">' . __('Preview') . '</a>';
$actions = apply_filters('theme_install_action_links', $actions, $theme); $actions = apply_filters('theme_install_action_links', $actions, $theme);
} }
@ -310,7 +310,7 @@ function display_theme($theme, $actions = null, $show_details = true) {
?> ?>
<a class='thickbox thickbox-preview screenshot' <a class='thickbox thickbox-preview screenshot'
href='<? echo clean_url($preview_link); ?>' href='<? echo clean_url($preview_link); ?>'
title='<?php echo attribute_escape(sprintf(__('Preview "%s"'), $name)); ?>'> title='<?php echo attr(sprintf(__('Preview "%s"'), $name)); ?>'>
<img src='<?php echo clean_url($theme->screenshot_url); ?>' width='150' /> <img src='<?php echo clean_url($theme->screenshot_url); ?>' width='150' />
</a> </a>
<h3><?php echo $name ?></h3> <h3><?php echo $name ?></h3>
@ -331,7 +331,7 @@ function display_theme($theme, $actions = null, $show_details = true) {
<p><strong><?php _e('Downloaded:') ?></strong> <?php printf(_n('%s time', '%s times', $theme->downloaded), number_format_i18n($theme->downloaded)) ?></p> <p><strong><?php _e('Downloaded:') ?></strong> <?php printf(_n('%s time', '%s times', $theme->downloaded), number_format_i18n($theme->downloaded)) ?></p>
<?php endif; ?> <?php endif; ?>
<div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $theme->num_ratings), number_format_i18n($theme->num_ratings)) ?>"> <div class="star-holder" title="<?php printf(_n('(based on %s rating)', '(based on %s ratings)', $theme->num_ratings), number_format_i18n($theme->num_ratings)) ?>">
<div class="star star-rating" style="width: <?php echo attribute_escape($theme->rating) ?>px"></div> <div class="star star-rating" style="width: <?php echo attr($theme->rating) ?>px"></div>
<div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div> <div class="star star5"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('5 stars') ?>" /></div>
<div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div> <div class="star star4"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('4 stars') ?>" /></div>
<div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div> <div class="star star3"><img src="<?php echo admin_url('images/star.gif'); ?>" alt="<?php _e('3 stars') ?>" /></div>
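Review bot: The display_theme hunk keeps `href='<? echo clean_url($preview_link); ?>'` with a short open tag while every other line in the section uses `<?php`; on a server with short_open_tag disabled the PHP is emitted verbatim into the page and the preview link is broken, so it should read `href='<?php echo clean_url($preview_link); ?>'`. As in the plugin installer, the rating is written into `style="width: <?php echo attr($theme->rating) ?>px"` via attr() rather than being cast; `(int) $theme->rating` is the check that CSS context actually needs. display_theme starts and ends outside the hunk.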


@ -366,16 +366,16 @@ function get_others_pending($user_id) {
*/ */
function get_user_to_edit( $user_id ) { function get_user_to_edit( $user_id ) {
$user = new WP_User( $user_id ); $user = new WP_User( $user_id );
$user->user_login = attribute_escape($user->user_login); $user->user_login = attr($user->user_login);
$user->user_email = attribute_escape($user->user_email); $user->user_email = attr($user->user_email);
$user->user_url = clean_url($user->user_url); $user->user_url = clean_url($user->user_url);
$user->first_name = attribute_escape($user->first_name); $user->first_name = attr($user->first_name);
$user->last_name = attribute_escape($user->last_name); $user->last_name = attr($user->last_name);
$user->display_name = attribute_escape($user->display_name); $user->display_name = attr($user->display_name);
$user->nickname = attribute_escape($user->nickname); $user->nickname = attr($user->nickname);
$user->aim = isset( $user->aim ) && !empty( $user->aim ) ? attribute_escape($user->aim) : ''; $user->aim = isset( $user->aim ) && !empty( $user->aim ) ? attr($user->aim) : '';
$user->yim = isset( $user->yim ) && !empty( $user->yim ) ? attribute_escape($user->yim) : ''; $user->yim = isset( $user->yim ) && !empty( $user->yim ) ? attr($user->yim) : '';
$user->jabber = isset( $user->jabber ) && !empty( $user->jabber ) ? attribute_escape($user->jabber) : ''; $user->jabber = isset( $user->jabber ) && !empty( $user->jabber ) ? attr($user->jabber) : '';
$user->description = isset( $user->description ) && !empty( $user->description ) ? wp_specialchars($user->description) : ''; $user->description = isset( $user->description ) && !empty( $user->description ) ? wp_specialchars($user->description) : '';
return $user; return $user;
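Review bot: The string fields of the returned WP_User are overwritten in place with attribute-escaped values (the seven assignments from `user_login` through `nickname`), so the object carries presentation-encoded data rather than the stored values; a caller that uses it outside an HTML attribute, or persists it, would see entities. If that is the intended contract, state it in the docblock that closes just above the hunk, e.g. `@return WP_User User whose string fields are already attribute-escaped for use in edit forms`. The `isset( $user->aim ) && !empty( $user->aim )` checks are redundant, since `!empty()` alone is false for an unset property; `$user->aim = !empty( $user->aim ) ? attr($user->aim) : '';` reads the same, and likewise for `yim`, `jabber` and `description`. The function's closing brace is not visible in the hunk.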


@ -165,7 +165,7 @@ if ( $links ) {
foreach ($links as $link) { foreach ($links as $link) {
$link = sanitize_bookmark($link); $link = sanitize_bookmark($link);
$link->link_name = attribute_escape($link->link_name); $link->link_name = attr($link->link_name);
$link->link_category = wp_get_link_cats($link->link_id); $link->link_category = wp_get_link_cats($link->link_id);
$short_url = str_replace('http://', '', $link->link_url); $short_url = str_replace('http://', '', $link->link_url);
$short_url = preg_replace('/^www\./i', '', $short_url); $short_url = preg_replace('/^www\./i', '', $short_url);
@ -194,7 +194,7 @@ if ( $links ) {
break; break;
case 'name': case 'name':
echo "<td $attributes><strong><a class='row-title' href='$edit_link' title='" . attribute_escape(sprintf(__('Edit "%s"'), $link->link_name)) . "'>$link->link_name</a></strong><br />"; echo "<td $attributes><strong><a class='row-title' href='$edit_link' title='" . attr(sprintf(__('Edit "%s"'), $link->link_name)) . "'>$link->link_name</a></strong><br />";
$actions = array(); $actions = array();
$actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . $edit_link . '">' . __('Edit') . '</a>';
$actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id) . "' onclick=\"if ( confirm('" . js_escape(sprintf( __("You are about to delete this link '%s'\n 'Cancel' to stop, 'OK' to delete."), $link->link_name )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>"; $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("link.php?action=delete&amp;link_id=$link->link_id", 'delete-bookmark_' . $link->link_id) . "' onclick=\"if ( confirm('" . js_escape(sprintf( __("You are about to delete this link '%s'\n 'Cancel' to stop, 'OK' to delete."), $link->link_name )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
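Review bot: `$link->link_name` is attribute-escaped in place right after `sanitize_bookmark()`, and that already-encoded value is then passed through `attr(sprintf(__('Edit "%s"'), $link->link_name))` for the title and through `js_escape(...)` for the confirm dialog; whether those render cleanly depends on `attr()` and `js_escape()` not re-encoding existing entities, which is fragile to rely on. Escaping once at each output site is clearer: drop the in-place assignment, use `attr($link->link_name)` in the `title` and link-text positions, and hand the raw name to `js_escape()`. The enclosing `foreach` and `switch` continue outside the hunk.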


@ -35,7 +35,7 @@ function add_filter() {}
/** /**
* @ignore * @ignore
*/ */
function attribute_escape() {} function attr() {}
/** /**
* @ignore * @ignore


@ -35,7 +35,7 @@ function add_filter() {}
/** /**
* @ignore * @ignore
*/ */
function attribute_escape() {} function attr() {}
/** /**
* @ignore * @ignore


@ -78,7 +78,7 @@ if ( isset($_GET['inline']) ) {
<?php wp_nonce_field('media-form'); ?> <?php wp_nonce_field('media-form'); ?>
<div id="media-items"> </div> <div id="media-items"> </div>
<p> <p>
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" /> <input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
</p> </p>
</form> </form>
</div> </div>


@ -39,7 +39,7 @@ $menu[5] = array( __('Posts'), 'edit_posts', 'edit.php', '', 'open-if-no-js menu
if ( $tax->hierarchical || ! in_array('post', (array) $tax->object_type, true) ) if ( $tax->hierarchical || ! in_array('post', (array) $tax->object_type, true) )
continue; continue;
$submenu['edit.php'][$i] = array( attribute_escape($tax->label), 'manage_categories', 'edit-tags.php?taxonomy=' . $tax->name ); $submenu['edit.php'][$i] = array( attr($tax->label), 'manage_categories', 'edit-tags.php?taxonomy=' . $tax->name );
++$i; ++$i;
} }


@ -54,7 +54,7 @@ include('admin-header.php');
<label for="close_comments_for_old_posts"> <label for="close_comments_for_old_posts">
<input name="close_comments_for_old_posts" type="checkbox" id="close_comments_for_old_posts" value="1" <?php checked('1', get_option('close_comments_for_old_posts')); ?> /> <input name="close_comments_for_old_posts" type="checkbox" id="close_comments_for_old_posts" value="1" <?php checked('1', get_option('close_comments_for_old_posts')); ?> />
<?php printf( __('Automatically close comments on articles older than %s days'), '</label><input name="close_comments_days_old" type="text" id="close_comments_days_old" value="' . attribute_escape(get_option('close_comments_days_old')) . '" class="small-text" />') ?> <?php printf( __('Automatically close comments on articles older than %s days'), '</label><input name="close_comments_days_old" type="text" id="close_comments_days_old" value="' . attr(get_option('close_comments_days_old')) . '" class="small-text" />') ?>
<br /> <br />
<label for="thread_comments"> <label for="thread_comments">
<input name="thread_comments" type="checkbox" id="thread_comments" value="1" <?php checked('1', get_option('thread_comments')); ?> /> <input name="thread_comments" type="checkbox" id="thread_comments" value="1" <?php checked('1', get_option('thread_comments')); ?> />
@ -83,7 +83,7 @@ $default_comments_page .= '>' . __('last') . '</option><option value="oldest"';
if ( 'oldest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"'; if ( 'oldest' == get_option('default_comments_page') ) $default_comments_page .= ' selected="selected"';
$default_comments_page .= '>' . __('first') . '</option></select>'; $default_comments_page .= '>' . __('first') . '</option></select>';
printf( __('Break comments into pages with %1$s comments per page and the %2$s page displayed by default'), '</label><label for="comments_per_page"><input name="comments_per_page" type="text" id="comments_per_page" value="' . attribute_escape(get_option('comments_per_page')) . '" class="small-text" />', $default_comments_page ); printf( __('Break comments into pages with %1$s comments per page and the %2$s page displayed by default'), '</label><label for="comments_per_page"><input name="comments_per_page" type="text" id="comments_per_page" value="' . attr(get_option('comments_per_page')) . '" class="small-text" />', $default_comments_page );
?></label> ?></label>
<br /> <br />


@ -210,7 +210,7 @@ if (empty($tzstring)) { // set the Etc zone if no timezone string exists
$custom = TRUE; $custom = TRUE;
foreach ( $date_formats as $format ) { foreach ( $date_formats as $format ) {
echo "\t<label title='" . attribute_escape($format) . "'><input type='radio' name='date_format' value='" . attribute_escape($format) . "'"; echo "\t<label title='" . attr($format) . "'><input type='radio' name='date_format' value='" . attr($format) . "'";
if ( get_option('date_format') === $format ) { // checked() uses "==" rather than "===" if ( get_option('date_format') === $format ) { // checked() uses "==" rather than "==="
echo " checked='checked'"; echo " checked='checked'";
$custom = FALSE; $custom = FALSE;
@ -220,7 +220,7 @@ if (empty($tzstring)) { // set the Etc zone if no timezone string exists
echo ' <label><input type="radio" name="date_format" id="date_format_custom_radio" value="\c\u\s\t\o\m"'; echo ' <label><input type="radio" name="date_format" id="date_format_custom_radio" value="\c\u\s\t\o\m"';
checked( $custom ); checked( $custom );
echo '/> ' . __('Custom:') . ' </label><input type="text" name="date_format_custom" value="' . attribute_escape( get_option('date_format') ) . '" class="small-text" /> ' . date_i18n( get_option('date_format') ) . "\n"; echo '/> ' . __('Custom:') . ' </label><input type="text" name="date_format_custom" value="' . attr( get_option('date_format') ) . '" class="small-text" /> ' . date_i18n( get_option('date_format') ) . "\n";
echo "\t<p>" . __('<a href="http://codex.wordpress.org/Formatting_Date_and_Time">Documentation on date formatting</a>. Click &quot;Save Changes&quot; to update sample output.') . "</p>\n"; echo "\t<p>" . __('<a href="http://codex.wordpress.org/Formatting_Date_and_Time">Documentation on date formatting</a>. Click &quot;Save Changes&quot; to update sample output.') . "</p>\n";
?> ?>
@ -242,7 +242,7 @@ if (empty($tzstring)) { // set the Etc zone if no timezone string exists
$custom = TRUE; $custom = TRUE;
foreach ( $time_formats as $format ) { foreach ( $time_formats as $format ) {
echo "\t<label title='" . attribute_escape($format) . "'><input type='radio' name='time_format' value='" . attribute_escape($format) . "'"; echo "\t<label title='" . attr($format) . "'><input type='radio' name='time_format' value='" . attr($format) . "'";
if ( get_option('time_format') === $format ) { // checked() uses "==" rather than "===" if ( get_option('time_format') === $format ) { // checked() uses "==" rather than "==="
echo " checked='checked'"; echo " checked='checked'";
$custom = FALSE; $custom = FALSE;
@ -252,7 +252,7 @@ if (empty($tzstring)) { // set the Etc zone if no timezone string exists
echo ' <label><input type="radio" name="time_format" id="time_format_custom_radio" value="\c\u\s\t\o\m"'; echo ' <label><input type="radio" name="time_format" id="time_format_custom_radio" value="\c\u\s\t\o\m"';
checked( $custom ); checked( $custom );
echo '/> ' . __('Custom:') . ' </label><input type="text" name="time_format_custom" value="' . attribute_escape( get_option('time_format') ) . '" class="small-text" /> ' . date_i18n( get_option('time_format') ) . "\n"; echo '/> ' . __('Custom:') . ' </label><input type="text" name="time_format_custom" value="' . attr( get_option('time_format') ) . '" class="small-text" /> ' . date_i18n( get_option('time_format') ) . "\n";
?> ?>
</fieldset> </fieldset>
</td> </td>
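Review bot: The sample output `date_i18n( get_option('date_format') )` is echoed into the page unescaped, while the input value beside it goes through `attr()`; a format string can emit literal characters via backslash escapes, so the rendered sample should be escaped too: `wp_specialchars( date_i18n( get_option('date_format') ) )`. The time-format line in the last hunk of this section has the same shape and wants `wp_specialchars( date_i18n( get_option('time_format') ) )`. The option is set from this admin screen, so the exposure is limited to what an administrator stores, but escaping at output keeps the markup well-formed regardless of the stored value.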


@ -27,14 +27,14 @@ include('admin-header.php');
<table class="form-table"> <table class="form-table">
<tr valign="top"> <tr valign="top">
<th scope="row"><label for="upload_path"><?php _e('Store uploads in this folder'); ?></label></th> <th scope="row"><label for="upload_path"><?php _e('Store uploads in this folder'); ?></label></th>
<td><input name="upload_path" type="text" id="upload_path" value="<?php echo attribute_escape(str_replace(ABSPATH, '', get_option('upload_path'))); ?>" class="regular-text code" /> <td><input name="upload_path" type="text" id="upload_path" value="<?php echo attr(str_replace(ABSPATH, '', get_option('upload_path'))); ?>" class="regular-text code" />
<span class="setting-description"><?php _e('Default is <code>wp-content/uploads</code>'); ?></span> <span class="setting-description"><?php _e('Default is <code>wp-content/uploads</code>'); ?></span>
</td> </td>
</tr> </tr>
<tr valign="top"> <tr valign="top">
<th scope="row"><label for="upload_url_path"><?php _e('Full URL path to files'); ?></label></th> <th scope="row"><label for="upload_url_path"><?php _e('Full URL path to files'); ?></label></th>
<td><input name="upload_url_path" type="text" id="upload_url_path" value="<?php echo attribute_escape( get_option('upload_url_path')); ?>" class="regular-text code" /> <td><input name="upload_url_path" type="text" id="upload_url_path" value="<?php echo attr( get_option('upload_url_path')); ?>" class="regular-text code" />
<span class="setting-description"><?php _e('Configuring this is optional. By default, it should be blank.'); ?></span> <span class="setting-description"><?php _e('Configuring this is optional. By default, it should be blank.'); ?></span>
</td> </td>
</tr> </tr>


@ -173,7 +173,7 @@ $structures = array(
</label> </label>
</th> </th>
<td> <td>
<input name="permalink_structure" id="permalink_structure" type="text" value="<?php echo attribute_escape($permalink_structure); ?>" class="regular-text code" /> <input name="permalink_structure" id="permalink_structure" type="text" value="<?php echo attr($permalink_structure); ?>" class="regular-text code" />
</td> </td>
</tr> </tr>
</table> </table>
@ -188,11 +188,11 @@ $structures = array(
<table class="form-table"> <table class="form-table">
<tr> <tr>
<th><label for="category_base"><?php _e('Category base'); ?></label></th> <th><label for="category_base"><?php _e('Category base'); ?></label></th>
<td><input name="category_base" id="category_base" type="text" value="<?php echo attribute_escape($category_base); ?>" class="regular-text code" /></td> <td><input name="category_base" id="category_base" type="text" value="<?php echo attr($category_base); ?>" class="regular-text code" /></td>
</tr> </tr>
<tr> <tr>
<th><label for="tag_base"><?php _e('Tag base'); ?></label></th> <th><label for="tag_base"><?php _e('Tag base'); ?></label></th>
<td><input name="tag_base" id="tag_base" type="text" value="<?php echo attribute_escape($tag_base); ?>" class="regular-text code" /></td> <td><input name="tag_base" id="tag_base" type="text" value="<?php echo attr($tag_base); ?>" class="regular-text code" /></td>
</tr> </tr>
<?php do_settings_fields('permalink', 'optional'); ?> <?php do_settings_fields('permalink', 'optional'); ?>
</table> </table>


@ -99,7 +99,7 @@ $options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name
foreach ( (array) $options as $option) : foreach ( (array) $options as $option) :
$disabled = ''; $disabled = '';
$option->option_name = attribute_escape($option->option_name); $option->option_name = attr($option->option_name);
if ( is_serialized($option->option_value) ) { if ( is_serialized($option->option_value) ) {
if ( is_serialized_string($option->option_value) ) { if ( is_serialized_string($option->option_value) ) {
// this is a serialized string, so we should display it // this is a serialized string, so we should display it
@ -122,7 +122,7 @@ foreach ( (array) $options as $option) :
<td>"; <td>";
if (strpos($value, "\n") !== false) echo "<textarea class='$class' name='$option->option_name' id='$option->option_name' cols='30' rows='5'>" . wp_specialchars($value) . "</textarea>"; if (strpos($value, "\n") !== false) echo "<textarea class='$class' name='$option->option_name' id='$option->option_name' cols='30' rows='5'>" . wp_specialchars($value) . "</textarea>";
else echo "<input class='regular-text $class' type='text' name='$option->option_name' id='$option->option_name' value='" . attribute_escape($value) . "'$disabled />"; else echo "<input class='regular-text $class' type='text' name='$option->option_name' id='$option->option_name' value='" . attr($value) . "'$disabled />";
echo "</td> echo "</td>
</tr>"; </tr>";


@ -116,7 +116,7 @@ default:
$docs_select = '<select name="docs-list" id="docs-list">'; $docs_select = '<select name="docs-list" id="docs-list">';
$docs_select .= '<option value="">' . __( 'Function Name...' ) . '</option>'; $docs_select .= '<option value="">' . __( 'Function Name...' ) . '</option>';
foreach ( $functions as $function) { foreach ( $functions as $function) {
$docs_select .= '<option value="' . attribute_escape( $function ) . '">' . htmlspecialchars( $function ) . '()</option>'; $docs_select .= '<option value="' . attr( $function ) . '">' . htmlspecialchars( $function ) . '()</option>';
} }
$docs_select .= '</select>'; $docs_select .= '</select>';
} }
@ -132,7 +132,7 @@ default:
<div id="message" class="updated fade"><p><?php _e('This plugin has been deactivated because your changes resulted in a <strong>fatal error</strong>.') ?></p> <div id="message" class="updated fade"><p><?php _e('This plugin has been deactivated because your changes resulted in a <strong>fatal error</strong>.') ?></p>
<?php <?php
if ( wp_verify_nonce($_GET['_error_nonce'], 'plugin-activation-error_' . $file) ) { ?> if ( wp_verify_nonce($_GET['_error_nonce'], 'plugin-activation-error_' . $file) ) { ?>
<iframe style="border:0" width="100%" height="70px" src="<?php bloginfo('wpurl'); ?>/wp-admin/plugins.php?action=error_scrape&amp;plugin=<?php echo attribute_escape($file); ?>&amp;_wpnonce=<?php echo attribute_escape($_GET['_error_nonce']); ?>"></iframe> <iframe style="border:0" width="100%" height="70px" src="<?php bloginfo('wpurl'); ?>/wp-admin/plugins.php?action=error_scrape&amp;plugin=<?php echo attr($file); ?>&amp;_wpnonce=<?php echo attr($_GET['_error_nonce']); ?>"></iframe>
<?php } ?> <?php } ?>
</div> </div>
<?php endif; ?> <?php endif; ?>
@ -150,8 +150,8 @@ default:
$selected = " selected='selected'"; $selected = " selected='selected'";
else else
$selected = ''; $selected = '';
$plugin_name = attribute_escape($plugin_name); $plugin_name = attr($plugin_name);
$plugin_key = attribute_escape($plugin_key); $plugin_key = attr($plugin_key);
echo "\n\t<option value=\"$plugin_key\" $selected>$plugin_name</option>"; echo "\n\t<option value=\"$plugin_key\" $selected>$plugin_name</option>";
} }
?> ?>
@ -208,7 +208,7 @@ foreach ( $plugin_files as $plugin_file ) :
<input type="hidden" name="plugin" value="<?php echo $plugin ?>" /> <input type="hidden" name="plugin" value="<?php echo $plugin ?>" />
</div> </div>
<?php if ( count( $functions ) ) : ?> <?php if ( count( $functions ) ) : ?>
<div id="documentation"><label for="docs-list"><?php _e('Documentation:') ?></label> <?php echo $docs_select ?> <input type="button" class="button" value=" <?php echo attribute_escape(__( 'Lookup' )) ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" /></div> <div id="documentation"><label for="docs-list"><?php _e('Documentation:') ?></label> <?php echo $docs_select ?> <input type="button" class="button" value=" <?php echo attr(__( 'Lookup' )) ?> " onclick="if ( '' != jQuery('#docs-list').val() ) { window.open( 'http://api.wordpress.org/core/handbook/1.0/?function=' + escape( jQuery( '#docs-list' ).val() ) + '&locale=<?php echo urlencode( get_locale() ) ?>&version=<?php echo urlencode( $wp_version ) ?>&redirect=true'); }" /></div>
<?php endif; ?> <?php endif; ?>
<?php if ( is_writeable($real_file) ) : ?> <?php if ( is_writeable($real_file) ) : ?>
<?php if ( in_array($file, (array) get_option('active_plugins')) ) { ?> <?php if ( in_array($file, (array) get_option('active_plugins')) ) { ?>
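Review bot: The iframe `src` in the fatal-error notice builds its query string with `attr($file)` and `attr($_GET['_error_nonce'])`, which is HTML-attribute escaping rather than URL encoding; a plugin path containing `&`, `#`, `?` or a space would change how the browser parses the query. Encode each value for the URL first and then escape the attribute, e.g. `plugin=<?php echo attr(urlencode($file)); ?>&amp;_wpnonce=<?php echo attr(urlencode($_GET['_error_nonce'])); ?>`, or assemble the URL with `add_query_arg()` and `clean_url()`. The plugins.php section further down has the same pattern inside `admin_url('plugins.php?action=error_scrape&amp;plugin=' . attr($plugin) . ...)`. The `default:` case enclosing this markup starts before the hunk.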


@ -139,7 +139,7 @@ if ( !empty($action) ) {
<input type="hidden" name="action" value="delete-selected" /> <input type="hidden" name="action" value="delete-selected" />
<?php <?php
foreach ( (array)$plugins as $plugin ) foreach ( (array)$plugins as $plugin )
echo '<input type="hidden" name="checked[]" value="' . attribute_escape($plugin) . '" />'; echo '<input type="hidden" name="checked[]" value="' . attr($plugin) . '" />';
?> ?>
<?php wp_nonce_field('bulk-manage-plugins') ?> <?php wp_nonce_field('bulk-manage-plugins') ?>
<input type="submit" name="submit" value="<?php _e('Yes, Delete these files') ?>" class="button" /> <input type="submit" name="submit" value="<?php _e('Yes, Delete these files') ?>" class="button" />
@ -194,7 +194,7 @@ if ( !empty($invalid) )
<div id="message" class="updated fade"><p><?php _e('Plugin could not be activated because it triggered a <strong>fatal error</strong>.') ?></p> <div id="message" class="updated fade"><p><?php _e('Plugin could not be activated because it triggered a <strong>fatal error</strong>.') ?></p>
<?php <?php
if ( wp_verify_nonce($_GET['_error_nonce'], 'plugin-activation-error_' . $plugin) ) { ?> if ( wp_verify_nonce($_GET['_error_nonce'], 'plugin-activation-error_' . $plugin) ) { ?>
<iframe style="border:0" width="100%" height="70px" src="<?php echo admin_url('plugins.php?action=error_scrape&amp;plugin=' . attribute_escape($plugin) . '&amp;_wpnonce=' . attribute_escape($_GET['_error_nonce'])); ?>"></iframe> <iframe style="border:0" width="100%" height="70px" src="<?php echo admin_url('plugins.php?action=error_scrape&amp;plugin=' . attr($plugin) . '&amp;_wpnonce=' . attr($_GET['_error_nonce'])); ?>"></iframe>
<?php <?php
} }
?> ?>
@ -369,7 +369,7 @@ function print_plugins_table($plugins, $context = '') {
$class = $is_active ? 'active' : 'inactive'; $class = $is_active ? 'active' : 'inactive';
echo " echo "
<tr class='$class'> <tr class='$class'>
<th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='" . attribute_escape($plugin_file) . "' /></th> <th scope='row' class='check-column'><input type='checkbox' name='checked[]' value='" . attr($plugin_file) . "' /></th>
<td class='plugin-title'><strong>{$plugin_data['Title']}</strong>"; <td class='plugin-title'><strong>{$plugin_data['Title']}</strong>";
$i = 0; $i = 0;
echo '<div class="row-actions">'; echo '<div class="row-actions">';
@ -432,8 +432,8 @@ function print_plugin_actions($context) {
<form method="post" action="<?php echo admin_url('plugins.php') ?>"> <form method="post" action="<?php echo admin_url('plugins.php') ?>">
<?php wp_nonce_field('bulk-manage-plugins') ?> <?php wp_nonce_field('bulk-manage-plugins') ?>
<input type="hidden" name="plugin_status" value="<?php echo attribute_escape($status) ?>" /> <input type="hidden" name="plugin_status" value="<?php echo attr($status) ?>" />
<input type="hidden" name="paged" value="<?php echo attribute_escape($page) ?>" /> <input type="hidden" name="paged" value="<?php echo attr($page) ?>" />
<ul class="subsubsub"> <ul class="subsubsub">
<?php <?php


@ -135,12 +135,12 @@ switch ($_REQUEST['ajax']) {
<h3 class="tb"><label for="this_photo_description"><?php _e('Description') ?></label></h3> <h3 class="tb"><label for="this_photo_description"><?php _e('Description') ?></label></h3>
<div class="titlediv"> <div class="titlediv">
<div class="titlewrap"> <div class="titlewrap">
<input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attribute_escape($title);?>"/> <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attr($title);?>"/>
</div> </div>
</div> </div>
<p class="centered"><input type="hidden" name="this_photo" value="<?php echo attribute_escape($image); ?>" id="this_photo" /> <p class="centered"><input type="hidden" name="this_photo" value="<?php echo attr($image); ?>" id="this_photo" />
<a href="#" class="select"><img src="<?php echo clean_url($image); ?>" alt="<?php echo attribute_escape(__('Click to insert.')); ?>" title="<?php echo attribute_escape(__('Click to insert.')); ?>" /></a></p> <a href="#" class="select"><img src="<?php echo clean_url($image); ?>" alt="<?php echo attr(__('Click to insert.')); ?>" title="<?php echo attr(__('Click to insert.')); ?>" /></a></p>
<p id="options"><a href="#" class="select button"><?php _e('Insert Image'); ?></a> <a href="#" class="cancel button"><?php _e('Cancel'); ?></a></p> <p id="options"><a href="#" class="select button"><?php _e('Insert Image'); ?></a> <a href="#" class="cancel button"><?php _e('Cancel'); ?></a></p>
@ -168,7 +168,7 @@ switch ($_REQUEST['ajax']) {
<h3 class="tb"><label for="photo_description"><?php _e('Description') ?></label></h3> <h3 class="tb"><label for="photo_description"><?php _e('Description') ?></label></h3>
<div id="titlediv"> <div id="titlediv">
<div class="titlewrap"> <div class="titlewrap">
<input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attribute_escape($title);?>"/> <input id="this_photo_description" name="photo_description" class="tbtitle text" onkeypress="if(event.keyCode==13) image_selector();" value="<?php echo attr($title);?>"/>
</div> </div>
</div> </div>
@ -377,7 +377,7 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
jQuery('#extra_fields').show(); jQuery('#extra_fields').show();
switch(tab_name) { switch(tab_name) {
case 'video' : case 'video' :
jQuery('#extra_fields').load('<?php echo clean_url($_SERVER['PHP_SELF']); ?>', { ajax: 'video', s: '<?php echo attribute_escape($selection); ?>'}, function() { jQuery('#extra_fields').load('<?php echo clean_url($_SERVER['PHP_SELF']); ?>', { ajax: 'video', s: '<?php echo attr($selection); ?>'}, function() {
<?php <?php
$content = ''; $content = '';
if ( preg_match("/youtube\.com\/watch/i", $url) ) { if ( preg_match("/youtube\.com\/watch/i", $url) ) {
@ -516,7 +516,7 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
<div id="titlediv"> <div id="titlediv">
<div class="titlewrap"> <div class="titlewrap">
<input name="title" id="title" class="text" value="<?php echo attribute_escape($title);?>"/> <input name="title" id="title" class="text" value="<?php echo attr($title);?>"/>
</div> </div>
</div> </div>
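Review bot: `$selection` is placed inside a JavaScript string literal (`s: '<?php echo attr($selection); ?>'`) in the video tab handler, but `attr()` is HTML-attribute escaping: inside a `<script>` block the entities it produces are not decoded, and a carriage return or newline in the value is passed through untouched and would end the string literal. `js_escape($selection)` is the escaper for that context, as this commit already uses for the confirm() strings elsewhere; this matters if `$selection` derives from the request, which the hunk does not show. The `load()` target `clean_url($_SERVER['PHP_SELF'])` likewise takes its value from the request, where `admin_url('press-this.php')` would be a fixed, server-derived URL. The surrounding `switch(tab_name)` continues outside the hunk.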


@ -125,7 +125,7 @@ $desc_header = ( $description != $file_show ) ? "<strong>$description</strong> (
$theme_name = $a_theme['Name']; $theme_name = $a_theme['Name'];
if ($theme_name == $theme) $selected = " selected='selected'"; if ($theme_name == $theme) $selected = " selected='selected'";
else $selected = ''; else $selected = '';
$theme_name = attribute_escape($theme_name); $theme_name = attr($theme_name);
echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>"; echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>";
} }
?> ?>


@ -188,14 +188,14 @@ foreach ( $cols as $col => $theme_name ) {
$parent_theme = $themes[$theme_name]['Parent Theme']; $parent_theme = $themes[$theme_name]['Parent Theme'];
$preview_link = clean_url( get_option('home') . '/'); $preview_link = clean_url( get_option('home') . '/');
$preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), $preview_link ) ); $preview_link = htmlspecialchars( add_query_arg( array('preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'TB_iframe' => 'true' ), $preview_link ) );
$preview_text = attribute_escape( sprintf( __('Preview of "%s"'), $title ) ); $preview_text = attr( sprintf( __('Preview of "%s"'), $title ) );
$tags = $themes[$theme_name]['Tags']; $tags = $themes[$theme_name]['Tags'];
$thickbox_class = 'thickbox thickbox-preview'; $thickbox_class = 'thickbox thickbox-preview';
$activate_link = wp_nonce_url("themes.php?action=activate&amp;template=".urlencode($template)."&amp;stylesheet=".urlencode($stylesheet), 'switch-theme_' . $template); $activate_link = wp_nonce_url("themes.php?action=activate&amp;template=".urlencode($template)."&amp;stylesheet=".urlencode($stylesheet), 'switch-theme_' . $template);
$activate_text = attribute_escape( sprintf( __('Activate "%s"'), $title ) ); $activate_text = attr( sprintf( __('Activate "%s"'), $title ) );
$actions = array(); $actions = array();
$actions[] = '<a href="' . $activate_link . '" class="activatelink" title="' . $activate_text . '">' . __('Activate') . '</a>'; $actions[] = '<a href="' . $activate_link . '" class="activatelink" title="' . $activate_text . '">' . __('Activate') . '</a>';
$actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attribute_escape(sprintf(__('Preview "%s"'), $theme_name)) . '">' . __('Preview') . '</a>'; $actions[] = '<a href="' . $preview_link . '" class="thickbox thickbox-preview" title="' . attr(sprintf(__('Preview "%s"'), $theme_name)) . '">' . __('Preview') . '</a>';
if ( current_user_can('update_themes') ) if ( current_user_can('update_themes') )
$actions[] = '<a class="submitdelete deletion" href="' . wp_nonce_url("themes.php?action=delete&amp;template=$stylesheet", 'delete-theme_' . $stylesheet) . '" onclick="' . "if ( confirm('" . js_escape(sprintf( __("You are about to delete this theme '%s'\n 'Cancel' to stop, 'OK' to delete."), $theme_name )) . "') ) {return true;}return false;" . '">' . __('Delete') . '</a>'; $actions[] = '<a class="submitdelete deletion" href="' . wp_nonce_url("themes.php?action=delete&amp;template=$stylesheet", 'delete-theme_' . $stylesheet) . '" onclick="' . "if ( confirm('" . js_escape(sprintf( __("You are about to delete this theme '%s'\n 'Cancel' to stop, 'OK' to delete."), $theme_name )) . "') ) {return true;}return false;" . '">' . __('Delete') . '</a>';
$actions = apply_filters('theme_action_links', $actions, $themes[$theme_name]); $actions = apply_filters('theme_action_links', $actions, $themes[$theme_name]);
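Review bot: The delete link embeds `$stylesheet` unencoded in `"themes.php?action=delete&amp;template=$stylesheet"`, while the activate link a few lines above wraps the same values in `urlencode()`; the two should agree, e.g. `wp_nonce_url("themes.php?action=delete&amp;template=" . urlencode($stylesheet), 'delete-theme_' . $stylesheet)`. The nonce action keeps the raw value so that verification on the receiving side still matches. The enclosing `foreach ( $cols as $col => $theme_name )` continues outside the hunk.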


@ -84,7 +84,7 @@ if ( ! $is_opera ) {
<p><?php _e('Use Press This to clip text, images and videos from any web page. Then edit and add more straight from Press This before you save or publish it in a post on your blog.'); ?></p> <p><?php _e('Use Press This to clip text, images and videos from any web page. Then edit and add more straight from Press This before you save or publish it in a post on your blog.'); ?></p>
<p><?php _e('Drag-and-drop the following link to your bookmarks bar or right click it and add it to your favorites for a posting shortcut.') ?></p> <p><?php _e('Drag-and-drop the following link to your bookmarks bar or right click it and add it to your favorites for a posting shortcut.') ?></p>
<p class="pressthis"><a href="<?php echo htmlspecialchars( get_shortcut_link() ); ?>" title="<?php echo attribute_escape(__('Press This')) ?>"><?php _e('Press This') ?></a></p> <p class="pressthis"><a href="<?php echo htmlspecialchars( get_shortcut_link() ); ?>" title="<?php echo attr(__('Press This')) ?>"><?php _e('Press This') ?></a></p>
</div> </div>
<?php endif; ?> <?php endif; ?>
</div> </div>


@ -46,9 +46,9 @@ function list_core_update( $update ) {
echo '<a href="' . $update->package . '" class="button">' . $download . '</a>&nbsp;'; echo '<a href="' . $update->package . '" class="button">' . $download . '</a>&nbsp;';
if ( 'en_US' != $update->locale ) if ( 'en_US' != $update->locale )
if ( !isset( $update->dismissed ) || !$update->dismissed ) if ( !isset( $update->dismissed ) || !$update->dismissed )
echo '<input id="dismiss" class="button" type="submit" value="' . attribute_escape(__('Hide this update')) . '" name="dismiss" />'; echo '<input id="dismiss" class="button" type="submit" value="' . attr(__('Hide this update')) . '" name="dismiss" />';
else else
echo '<input id="undismiss" class="button" type="submit" value="' . attribute_escape(__('Bring back this update')) . '" name="undismiss" />'; echo '<input id="undismiss" class="button" type="submit" value="' . attr(__('Bring back this update')) . '" name="undismiss" />';
echo '</p>'; echo '</p>';
echo '</form>'; echo '</form>';
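Review bot: `$update->package` is echoed straight into the download link's `href` while the button labels below it go through `attr()`; the package URL comes from update data rather than this code, so it should be passed through `clean_url($update->package)` before output. The braceless `if ( 'en_US' != $update->locale ) if ( ... ) ... else ...` nest binds the `else` to the inner `if`, which looks intended, but braces on the outer `if` would make that explicit. `list_core_update()` starts before the hunk.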


@ -329,10 +329,10 @@ foreach ($arc_result as $arc_row) {
<td class="media-icon"><?php <td class="media-icon"><?php
if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) { ?> if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) { ?>
<a href="media.php?action=edit&amp;attachment_id=<?php echo $post->ID; ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $thumb; ?></a> <a href="media.php?action=edit&amp;attachment_id=<?php echo $post->ID; ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $thumb; ?></a>
<?php } ?></td> <?php } ?></td>
<td class="media column-media"><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attribute_escape(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br /> <td class="media column-media"><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attr(sprintf(__('Edit "%s"'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br />
<?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?> <?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?>
<div class="row-actions"> <div class="row-actions">
@ -342,7 +342,7 @@ foreach ($arc_result as $arc_row) {
$actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>'; $actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
if ( current_user_can('delete_post', $post->ID) ) if ( current_user_can('delete_post', $post->ID) )
$actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>"; $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
$actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attribute_escape(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>'; $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attr(sprintf(__('View "%s"'), $title)) . '" rel="permalink">' . __('View') . '</a>';
if ( current_user_can('edit_post', $post->ID) ) if ( current_user_can('edit_post', $post->ID) )
$actions['attach'] = '<a href="#the-list" onclick="findPosts.open(\'media[]\',\''.$post->ID.'\');return false;">'.__('Attach').'</a>'; $actions['attach'] = '<a href="#the-list" onclick="findPosts.open(\'media[]\',\''.$post->ID.'\');return false;">'.__('Attach').'</a>';
$actions = apply_filters( 'media_row_actions', $actions, $post ); $actions = apply_filters( 'media_row_actions', $actions, $post );


@ -28,10 +28,10 @@ if ( empty($doaction) ) {
} }
if ( empty($_REQUEST) ) { if ( empty($_REQUEST) ) {
$referer = '<input type="hidden" name="wp_http_referer" value="'. attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; $referer = '<input type="hidden" name="wp_http_referer" value="'. attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
} elseif ( isset($_REQUEST['wp_http_referer']) ) { } elseif ( isset($_REQUEST['wp_http_referer']) ) {
$redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer'])); $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer']));
$referer = '<input type="hidden" name="wp_http_referer" value="' . attribute_escape($redirect) . '" />'; $referer = '<input type="hidden" name="wp_http_referer" value="' . attr($redirect) . '" />';
} else { } else {
$redirect = 'users.php'; $redirect = 'users.php';
$referer = ''; $referer = '';
@ -291,7 +291,7 @@ unset($role_links);
<form class="search-form" action="" method="get"> <form class="search-form" action="" method="get">
<p class="search-box"> <p class="search-box">
<label class="hidden" for="user-search-input"><?php _e( 'Search Users' ); ?>:</label> <label class="hidden" for="user-search-input"><?php _e( 'Search Users' ); ?>:</label>
<input type="text" id="user-search-input" name="usersearch" value="<?php echo attribute_escape($wp_user_search->search_term); ?>" /> <input type="text" id="user-search-input" name="usersearch" value="<?php echo attr($wp_user_search->search_term); ?>" />
<input type="submit" value="<?php _e( 'Search Users' ); ?>" class="button" /> <input type="submit" value="<?php _e( 'Search Users' ); ?>" class="button" />
</p> </p>
</form> </form>
@ -388,7 +388,7 @@ foreach ( $wp_user_search->get_results() as $userid ) {
<?php <?php
foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) { foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
$var = 'new_' . $var; $var = 'new_' . $var;
$$var = isset($_REQUEST[$formpost]) ? attribute_escape(stripslashes($_REQUEST[$formpost])) : ''; $$var = isset($_REQUEST[$formpost]) ? attr(stripslashes($_REQUEST[$formpost])) : '';
} }
unset($name); unset($name);
?> ?>


@ -356,7 +356,7 @@ $i = 0;
foreach ( $wp_registered_sidebars as $sidebar => $registered_sidebar ) { foreach ( $wp_registered_sidebars as $sidebar => $registered_sidebar ) {
if ( 'wp_inactive_widgets' == $sidebar ) if ( 'wp_inactive_widgets' == $sidebar )
continue; ?> continue; ?>
<div id="<?php echo attribute_escape( $sidebar ); ?>" class="widgets-holder-wrap"> <div id="<?php echo attr( $sidebar ); ?>" class="widgets-holder-wrap">
<h3 class="sidebar-name"><?php echo wp_specialchars( $registered_sidebar['name'] ); ?> <h3 class="sidebar-name"><?php echo wp_specialchars( $registered_sidebar['name'] ); ?>
<span><img src="images/loading-publish.gif" class="ajax-feedback" title="" alt="" /></span></h3> <span><img src="images/loading-publish.gif" class="ajax-feedback" title="" alt="" /></span></h3>
<?php wp_list_widget_controls( $sidebar, $i ); // Show the control forms for each of the widgets in this sidebar ?> <?php wp_list_widget_controls( $sidebar, $i ); // Show the control forms for each of the widgets in this sidebar ?>


@ -352,9 +352,9 @@ class AtomServer {
if( !current_user_can( 'edit_posts' ) ) if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
$entries_url = attribute_escape($this->get_entries_url()); $entries_url = attr($this->get_entries_url());
$categories_url = attribute_escape($this->get_categories_url()); $categories_url = attr($this->get_categories_url());
$media_url = attribute_escape($this->get_attachments_url()); $media_url = attr($this->get_attachments_url());
foreach ($this->media_content_types as $med) { foreach ($this->media_content_types as $med) {
$accepted_media_types = $accepted_media_types . "<accept>" . $med . "</accept>"; $accepted_media_types = $accepted_media_types . "<accept>" . $med . "</accept>";
} }
@ -392,12 +392,12 @@ EOD;
if( !current_user_can( 'edit_posts' ) ) if( !current_user_can( 'edit_posts' ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) ); $this->auth_required( __( 'Sorry, you do not have the right to access this blog.' ) );
$home = attribute_escape(get_bloginfo_rss('home')); $home = attr(get_bloginfo_rss('home'));
$categories = ""; $categories = "";
$cats = get_categories("hierarchical=0&hide_empty=0"); $cats = get_categories("hierarchical=0&hide_empty=0");
foreach ((array) $cats as $cat) { foreach ((array) $cats as $cat) {
$categories .= " <category term=\"" . attribute_escape($cat->name) . "\" />\n"; $categories .= " <category term=\"" . attr($cat->name) . "\" />\n";
} }
$output = <<<EOD $output = <<<EOD
<app:categories xmlns:app="$this->ATOMPUB_NS" <app:categories xmlns:app="$this->ATOMPUB_NS"
@ -1332,7 +1332,7 @@ list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
function redirect($url) { function redirect($url) {
log_app('Status','302: Redirect'); log_app('Status','302: Redirect');
$escaped_url = attribute_escape($url); $escaped_url = attr($url);
$content = <<<EOD $content = <<<EOD
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html> <html>


@ -64,7 +64,7 @@ if ( post_password_required($commentstatus) ) { // and it doesn't match the coo
<form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform"> <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">
<?php if ( is_user_logged_in() ) : ?> <?php if ( is_user_logged_in() ) : ?>
<p><?php printf(__('Logged in as %s.'), '<a href="'.get_option('siteurl').'/wp-admin/profile.php">'.$user_identity.'</a>'); ?> <a href="<?php echo wp_logout_url(); ?>" title="<?php echo attribute_escape(__('Log out of this account')); ?>"><?php _e('Log out &raquo;'); ?></a></p> <p><?php printf(__('Logged in as %s.'), '<a href="'.get_option('siteurl').'/wp-admin/profile.php">'.$user_identity.'</a>'); ?> <a href="<?php echo wp_logout_url(); ?>" title="<?php echo attr(__('Log out of this account')); ?>"><?php _e('Log out &raquo;'); ?></a></p>
<?php else : ?> <?php else : ?>
<p> <p>
<input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" /> <input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
@ -90,7 +90,7 @@ if ( post_password_required($commentstatus) ) { // and it doesn't match the coo
<p> <p>
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" /> <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" /> <input type="hidden" name="redirect_to" value="<?php echo attr($_SERVER["REQUEST_URI"]); ?>" />
<input name="submit" type="submit" tabindex="5" value="<?php _e("Say It!"); ?>" /> <input name="submit" type="submit" tabindex="5" value="<?php _e("Say It!"); ?>" />
</p> </p>
<?php do_action('comment_form', $post->ID); ?> <?php do_action('comment_form', $post->ID); ?>


@ -68,7 +68,7 @@ if ( post_password_required() ) : ?>
<p><textarea name="comment" id="comment" cols="100%" rows="10" tabindex="4"></textarea></p> <p><textarea name="comment" id="comment" cols="100%" rows="10" tabindex="4"></textarea></p>
<p><input name="submit" type="submit" id="submit" tabindex="5" value="<?php echo attribute_escape(__('Submit Comment')); ?>" /> <p><input name="submit" type="submit" id="submit" tabindex="5" value="<?php echo attr(__('Submit Comment')); ?>" />
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" /> <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
</p> </p>
<?php do_action('comment_form', $post->ID); ?> <?php do_action('comment_form', $post->ID); ?>


@ -89,7 +89,7 @@ if ( post_password_required($post) ) { // and it doesn't match the cookie
<p> <p>
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" /> <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" /> <input type="hidden" name="redirect_to" value="<?php echo attr($_SERVER["REQUEST_URI"]); ?>" />
<input name="submit" type="submit" tabindex="5" value="Say It!" /> <input name="submit" type="submit" tabindex="5" value="Say It!" />
</p> </p>
<?php do_action('comment_form', $post->ID); ?> <?php do_action('comment_form', $post->ID); ?>


@ -166,7 +166,7 @@ function kubrick_theme_page_head() {
kUpdate(ColorPicker_targetInput.id); kUpdate(ColorPicker_targetInput.id);
} }
function PopupWindow_populate(contents) { function PopupWindow_populate(contents) {
contents += '<br /><p style="text-align:center;margin-top:0px;"><input type="button" class="button-secondary" value="<?php echo attribute_escape(__('Close Color Picker')); ?>" onclick="cp.hidePopup(\'prettyplease\')"></input></p>'; contents += '<br /><p style="text-align:center;margin-top:0px;"><input type="button" class="button-secondary" value="<?php echo attr(__('Close Color Picker')); ?>" onclick="cp.hidePopup(\'prettyplease\')"></input></p>';
this.contents = contents; this.contents = contents;
this.populated = false; this.populated = false;
} }
@ -380,43 +380,43 @@ function kubrick_theme_page() {
<div id="nonJsForm"> <div id="nonJsForm">
<form method="post" action=""> <form method="post" action="">
<?php wp_nonce_field('kubrick-header'); ?> <?php wp_nonce_field('kubrick-header'); ?>
<div class="zerosize"><input type="submit" name="defaultsubmit" value="<?php echo attribute_escape(__('Save')); ?>" /></div> <div class="zerosize"><input type="submit" name="defaultsubmit" value="<?php echo attr(__('Save')); ?>" /></div>
<label for="njfontcolor"><?php _e('Font Color:'); ?></label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo attribute_escape(kubrick_header_color()); ?>" /> <?php printf(__('Any CSS color (%s or %s or %s)'), '<code>red</code>', '<code>#FF0000</code>', '<code>rgb(255, 0, 0)</code>'); ?><br /> <label for="njfontcolor"><?php _e('Font Color:'); ?></label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo attr(kubrick_header_color()); ?>" /> <?php printf(__('Any CSS color (%s or %s or %s)'), '<code>red</code>', '<code>#FF0000</code>', '<code>rgb(255, 0, 0)</code>'); ?><br />
<label for="njuppercolor"><?php _e('Upper Color:'); ?></label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo attribute_escape(kubrick_upper_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br /> <label for="njuppercolor"><?php _e('Upper Color:'); ?></label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo attr(kubrick_upper_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br />
<label for="njlowercolor"><?php _e('Lower Color:'); ?></label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo attribute_escape(kubrick_lower_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br /> <label for="njlowercolor"><?php _e('Lower Color:'); ?></label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo attr(kubrick_lower_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br />
<input type="hidden" name="hi" id="hi" value="<?php echo attribute_escape(kubrick_header_image()); ?>" /> <input type="hidden" name="hi" id="hi" value="<?php echo attr(kubrick_header_image()); ?>" />
<input type="submit" name="toggledisplay" id="toggledisplay" value="<?php echo attribute_escape(__('Toggle Text')); ?>" /> <input type="submit" name="toggledisplay" id="toggledisplay" value="<?php echo attr(__('Toggle Text')); ?>" />
<input type="submit" name="defaults" value="<?php echo attribute_escape(__('Use Defaults')); ?>" /> <input type="submit" name="defaults" value="<?php echo attr(__('Use Defaults')); ?>" />
<input type="submit" class="defbutton" name="submitform" value="&nbsp;&nbsp;<?php _e('Save'); ?>&nbsp;&nbsp;" /> <input type="submit" class="defbutton" name="submitform" value="&nbsp;&nbsp;<?php _e('Save'); ?>&nbsp;&nbsp;" />
<input type="hidden" name="action" value="save" /> <input type="hidden" name="action" value="save" />
<input type="hidden" name="njform" value="true" /> <input type="hidden" name="njform" value="true" />
</form> </form>
</div> </div>
<div id="jsForm"> <div id="jsForm">
<form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo attribute_escape($_SERVER['REQUEST_URI']); ?>"> <form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo attr($_SERVER['REQUEST_URI']); ?>">
<?php wp_nonce_field('kubrick-header'); ?> <?php wp_nonce_field('kubrick-header'); ?>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="<?php echo attribute_escape(__('Font Color')); ?>"></input> <input type="button" class="button-secondary" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="<?php echo attr(__('Font Color')); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('uppercolor');colorSelect(tgt,'pick2');return false;" name="pick2" id="pick2" value="<?php echo attribute_escape(__('Upper Color')); ?>"></input> <input type="button" class="button-secondary" onclick="tgt=document.getElementById('uppercolor');colorSelect(tgt,'pick2');return false;" name="pick2" id="pick2" value="<?php echo attr(__('Upper Color')); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('lowercolor');colorSelect(tgt,'pick3');return false;" name="pick3" id="pick3" value="<?php echo attribute_escape(__('Lower Color')); ?>"></input> <input type="button" class="button-secondary" onclick="tgt=document.getElementById('lowercolor');colorSelect(tgt,'pick3');return false;" name="pick3" id="pick3" value="<?php echo attr(__('Lower Color')); ?>"></input>
<input type="button" class="button-secondary" name="revert" value="<?php echo attribute_escape(__('Revert')); ?>" onclick="kRevert()" /> <input type="button" class="button-secondary" name="revert" value="<?php echo attr(__('Revert')); ?>" onclick="kRevert()" />
<input type="button" class="button-secondary" value="<?php echo attribute_escape(__('Advanced')); ?>" onclick="toggleAdvanced()" /> <input type="button" class="button-secondary" value="<?php echo attr(__('Advanced')); ?>" onclick="toggleAdvanced()" />
<input type="hidden" name="action" value="save" /> <input type="hidden" name="action" value="save" />
<input type="hidden" name="fontdisplay" id="fontdisplay" value="<?php echo attribute_escape(kubrick_header_display()); ?>" /> <input type="hidden" name="fontdisplay" id="fontdisplay" value="<?php echo attr(kubrick_header_display()); ?>" />
<input type="hidden" name="fontcolor" id="fontcolor" value="<?php echo attribute_escape(kubrick_header_color()); ?>" /> <input type="hidden" name="fontcolor" id="fontcolor" value="<?php echo attr(kubrick_header_color()); ?>" />
<input type="hidden" name="uppercolor" id="uppercolor" value="<?php echo attribute_escape(kubrick_upper_color()); ?>" /> <input type="hidden" name="uppercolor" id="uppercolor" value="<?php echo attr(kubrick_upper_color()); ?>" />
<input type="hidden" name="lowercolor" id="lowercolor" value="<?php echo attribute_escape(kubrick_lower_color()); ?>" /> <input type="hidden" name="lowercolor" id="lowercolor" value="<?php echo attr(kubrick_lower_color()); ?>" />
<input type="hidden" name="headerimage" id="headerimage" value="<?php echo attribute_escape(kubrick_header_image()); ?>" /> <input type="hidden" name="headerimage" id="headerimage" value="<?php echo attr(kubrick_header_image()); ?>" />
<p class="submit"><input type="submit" name="submitform" class="button-primary" value="<?php echo attribute_escape(__('Update Header')); ?>" onclick="cp.hidePopup('prettyplease')" /></p> <p class="submit"><input type="submit" name="submitform" class="button-primary" value="<?php echo attr(__('Update Header')); ?>" onclick="cp.hidePopup('prettyplease')" /></p>
</form> </form>
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div> <div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
<div id="advanced"> <div id="advanced">
<form id="jsAdvanced" style="display:none;" action=""> <form id="jsAdvanced" style="display:none;" action="">
<?php wp_nonce_field('kubrick-header'); ?> <?php wp_nonce_field('kubrick-header'); ?>
<label for="advfontcolor"><?php _e('Font Color (CSS):'); ?> </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo attribute_escape(kubrick_header_color()); ?>" /><br /> <label for="advfontcolor"><?php _e('Font Color (CSS):'); ?> </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo attr(kubrick_header_color()); ?>" /><br />
<label for="advuppercolor"><?php _e('Upper Color (HEX):');?> </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo attribute_escape(kubrick_upper_color()); ?>" /><br /> <label for="advuppercolor"><?php _e('Upper Color (HEX):');?> </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo attr(kubrick_upper_color()); ?>" /><br />
<label for="advlowercolor"><?php _e('Lower Color (HEX):'); ?> </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo attribute_escape(kubrick_lower_color()); ?>" /><br /> <label for="advlowercolor"><?php _e('Lower Color (HEX):'); ?> </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo attr(kubrick_lower_color()); ?>" /><br />
<input type="button" class="button-secondary" name="default" value="<?php echo attribute_escape(__('Select Default Colors')); ?>" onclick="kDefaults()" /><br /> <input type="button" class="button-secondary" name="default" value="<?php echo attr(__('Select Default Colors')); ?>" onclick="kDefaults()" /><br />
<input type="button" class="button-secondary" onclick="toggleDisplay();return false;" name="pick" id="pick" value="<?php echo attribute_escape(__('Toggle Text Display')); ?>"></input><br /> <input type="button" class="button-secondary" onclick="toggleDisplay();return false;" name="pick" id="pick" value="<?php echo attr(__('Toggle Text Display')); ?>"></input><br />
</form> </form>
</div> </div>
</div> </div>


@ -421,7 +421,7 @@ function the_author_posts_link($deprecated = '') {
printf( printf(
'<a href="%1$s" title="%2$s">%3$s</a>', '<a href="%1$s" title="%2$s">%3$s</a>',
get_author_posts_url( $authordata->ID, $authordata->user_nicename ), get_author_posts_url( $authordata->ID, $authordata->user_nicename ),
sprintf( __( 'Posts by %s' ), attribute_escape( get_the_author() ) ), sprintf( __( 'Posts by %s' ), attr( get_the_author() ) ),
get_the_author() get_the_author()
); );
} }
@ -544,7 +544,7 @@ function wp_list_authors($args = '') {
if ( ! $hide_empty ) if ( ! $hide_empty )
$link = $name; $link = $name;
} else { } else {
$link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attribute_escape($author->display_name)) . '">' . $name . '</a>'; $link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attr($author->display_name)) . '">' . $name . '</a>';
if ( (! empty($feed_image)) || (! empty($feed)) ) { if ( (! empty($feed_image)) || (! empty($feed)) ) {
$link .= ' '; $link .= ' ';


@ -72,8 +72,8 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
if ( !empty($bookmark->link_url) ) if ( !empty($bookmark->link_url) )
$the_link = clean_url($bookmark->link_url); $the_link = clean_url($bookmark->link_url);
$desc = attribute_escape(sanitize_bookmark_field('link_description', $bookmark->link_description, $bookmark->link_id, 'display')); $desc = attr(sanitize_bookmark_field('link_description', $bookmark->link_description, $bookmark->link_id, 'display'));
$name = attribute_escape(sanitize_bookmark_field('link_name', $bookmark->link_name, $bookmark->link_id, 'display')); $name = attr(sanitize_bookmark_field('link_name', $bookmark->link_name, $bookmark->link_id, 'display'));
$title = $desc; $title = $desc;
if ( $show_updated ) if ( $show_updated )


@ -345,7 +345,7 @@ function sanitize_bookmark_field($field, $value, $bookmark_id, $context) {
if ( in_array($field, $format_to_edit) ) { if ( in_array($field, $format_to_edit) ) {
$value = format_to_edit($value); $value = format_to_edit($value);
} else { } else {
$value = attribute_escape($value); $value = attr($value);
} }
} else if ( 'db' == $context ) { } else if ( 'db' == $context ) {
$value = apply_filters("pre_$field", $value); $value = apply_filters("pre_$field", $value);
@ -355,7 +355,7 @@ function sanitize_bookmark_field($field, $value, $bookmark_id, $context) {
} }
if ( 'attribute' == $context ) if ( 'attribute' == $context )
$value = attribute_escape($value); $value = attr($value);
else if ( 'js' == $context ) else if ( 'js' == $context )
$value = js_escape($value); $value = js_escape($value);


@ -661,7 +661,7 @@ function wp_generate_tag_cloud( $tags, $args = '' ) {
$tag_link = '#' != $tag->link ? clean_url( $tag->link ) : '#'; $tag_link = '#' != $tag->link ? clean_url( $tag->link ) : '#';
$tag_id = isset($tags[ $key ]->id) ? $tags[ $key ]->id : $key; $tag_id = isset($tags[ $key ]->id) ? $tags[ $key ]->id : $key;
$tag_name = $tags[ $key ]->name; $tag_name = $tags[ $key ]->name;
$a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attribute_escape( $topic_count_text_callback( $count ) ) . "'$rel style='font-size: " . $a[] = "<a href='$tag_link' class='tag-link-$tag_id' title='" . attr( $topic_count_text_callback( $count ) ) . "'$rel style='font-size: " .
( $smallest + ( ( $count - $min_count ) * $font_step ) ) ( $smallest + ( ( $count - $min_count ) * $font_step ) )
. "$unit;'>$tag_name</a>"; . "$unit;'>$tag_name</a>";
} }


@ -48,13 +48,13 @@ class WP_Styles extends WP_Dependencies {
} }
if ( isset($this->registered[$handle]->args) ) if ( isset($this->registered[$handle]->args) )
$media = attribute_escape( $this->registered[$handle]->args ); $media = attr( $this->registered[$handle]->args );
else else
$media = 'all'; $media = 'all';
$href = $this->_css_href( $this->registered[$handle]->src, $ver, $handle ); $href = $this->_css_href( $this->registered[$handle]->src, $ver, $handle );
$rel = isset($this->registered[$handle]->extra['alt']) && $this->registered[$handle]->extra['alt'] ? 'alternate stylesheet' : 'stylesheet'; $rel = isset($this->registered[$handle]->extra['alt']) && $this->registered[$handle]->extra['alt'] ? 'alternate stylesheet' : 'stylesheet';
$title = isset($this->registered[$handle]->extra['title']) ? "title='" . attribute_escape( $this->registered[$handle]->extra['title'] ) . "'" : ''; $title = isset($this->registered[$handle]->extra['title']) ? "title='" . attr( $this->registered[$handle]->extra['title'] ) . "'" : '';
$end_cond = $tag = ''; $end_cond = $tag = '';
if ( isset($this->registered[$handle]->extra['conditional']) && $this->registered[$handle]->extra['conditional'] ) { if ( isset($this->registered[$handle]->extra['conditional']) && $this->registered[$handle]->extra['conditional'] ) {


@ -1187,7 +1187,7 @@ class Walker_Page extends Walker {
$css_class = implode(' ', apply_filters('page_css_class', $css_class, $page)); $css_class = implode(' ', apply_filters('page_css_class', $css_class, $page));
$output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . attribute_escape(apply_filters('the_title', $page->post_title)) . '">' . $link_before . apply_filters('the_title', $page->post_title) . $link_after . '</a>'; $output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . attr(apply_filters('the_title', $page->post_title)) . '">' . $link_before . apply_filters('the_title', $page->post_title) . $link_after . '</a>';
if ( !empty($show_date) ) { if ( !empty($show_date) ) {
if ( 'modified' == $show_date ) if ( 'modified' == $show_date )
@ -1325,13 +1325,13 @@ class Walker_Category extends Walker {
function start_el(&$output, $category, $depth, $args) { function start_el(&$output, $category, $depth, $args) {
extract($args); extract($args);
$cat_name = attribute_escape( $category->name); $cat_name = attr( $category->name);
$cat_name = apply_filters( 'list_cats', $cat_name, $category ); $cat_name = apply_filters( 'list_cats', $cat_name, $category );
$link = '<a href="' . get_category_link( $category->term_id ) . '" '; $link = '<a href="' . get_category_link( $category->term_id ) . '" ';
if ( $use_desc_for_title == 0 || empty($category->description) ) if ( $use_desc_for_title == 0 || empty($category->description) )
$link .= 'title="' . sprintf(__( 'View all posts filed under %s' ), $cat_name) . '"'; $link .= 'title="' . sprintf(__( 'View all posts filed under %s' ), $cat_name) . '"';
else else
$link .= 'title="' . attribute_escape( apply_filters( 'category_description', $category->description, $category )) . '"'; $link .= 'title="' . attr( apply_filters( 'category_description', $category->description, $category )) . '"';
$link .= '>'; $link .= '>';
$link .= $cat_name . '</a>'; $link .= $cat_name . '</a>';


@ -945,7 +945,7 @@ function comments_popup_link( $zero = false, $one = false, $more = false, $css_c
if ( !empty( $css_class ) ) { if ( !empty( $css_class ) ) {
echo ' class="'.$css_class.'" '; echo ' class="'.$css_class.'" ';
} }
$title = attribute_escape( get_the_title() ); $title = attr( get_the_title() );
echo apply_filters( 'comments_popup_link_attributes', '' ); echo apply_filters( 'comments_popup_link_attributes', '' );


@ -369,14 +369,14 @@ function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) { if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
$comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
$comment_author = stripslashes($comment_author); $comment_author = stripslashes($comment_author);
$comment_author = attribute_escape($comment_author); $comment_author = attr($comment_author);
$_COOKIE['comment_author_'.COOKIEHASH] = $comment_author; $_COOKIE['comment_author_'.COOKIEHASH] = $comment_author;
} }
if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) { if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
$comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
$comment_author_email = stripslashes($comment_author_email); $comment_author_email = stripslashes($comment_author_email);
$comment_author_email = attribute_escape($comment_author_email); $comment_author_email = attr($comment_author_email);
$_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email; $_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email;
} }


@ -60,8 +60,8 @@ class WP_Widget_Pages extends WP_Widget {
function form( $instance ) { function form( $instance ) {
//Defaults //Defaults
$instance = wp_parse_args( (array) $instance, array( 'sortby' => 'post_title', 'title' => '', 'exclude' => '') ); $instance = wp_parse_args( (array) $instance, array( 'sortby' => 'post_title', 'title' => '', 'exclude' => '') );
$title = attribute_escape( $instance['title'] ); $title = attr( $instance['title'] );
$exclude = attribute_escape( $instance['exclude'] ); $exclude = attr( $instance['exclude'] );
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" /></label></p> <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" /></label></p>
<p> <p>
@ -210,7 +210,7 @@ class WP_Widget_Archives extends WP_Widget {
if ( $d ) { if ( $d ) {
?> ?>
<select name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value=""><?php echo attribute_escape(__('Select Month')); ?></option> <?php wp_get_archives("type=monthly&format=option&show_post_count=$c"); ?> </select> <select name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value=""><?php echo attr(__('Select Month')); ?></option> <?php wp_get_archives("type=monthly&format=option&show_post_count=$c"); ?> </select>
<?php <?php
} else { } else {
?> ?>
@ -239,7 +239,7 @@ class WP_Widget_Archives extends WP_Widget {
$count = $instance['count'] ? 'checked="checked"' : ''; $count = $instance['count'] ? 'checked="checked"' : '';
$dropdown = $instance['dropdown'] ? 'checked="checked"' : ''; $dropdown = $instance['dropdown'] ? 'checked="checked"' : '';
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attribute_escape($title); ?>" /></label></p> <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" /></label></p>
<p> <p>
<label for="<?php echo $this->get_field_id('count'); ?>"><input class="checkbox" type="checkbox" <?php echo $count; ?> id="<?php echo $this->get_field_id('count'); ?>" name="<?php echo $this->get_field_name('count'); ?>" /> <?php _e('Show post counts'); ?></label> <label for="<?php echo $this->get_field_id('count'); ?>"><input class="checkbox" type="checkbox" <?php echo $count; ?> id="<?php echo $this->get_field_id('count'); ?>" name="<?php echo $this->get_field_name('count'); ?>" /> <?php _e('Show post counts'); ?></label>
<br /> <br />
@ -273,9 +273,9 @@ class WP_Widget_Meta extends WP_Widget {
<ul> <ul>
<?php wp_register(); ?> <?php wp_register(); ?>
<li><?php wp_loginout(); ?></li> <li><?php wp_loginout(); ?></li>
<li><a href="<?php bloginfo('rss2_url'); ?>" title="<?php echo attribute_escape(__('Syndicate this site using RSS 2.0')); ?>"><?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li> <li><a href="<?php bloginfo('rss2_url'); ?>" title="<?php echo attr(__('Syndicate this site using RSS 2.0')); ?>"><?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
<li><a href="<?php bloginfo('comments_rss2_url'); ?>" title="<?php echo attribute_escape(__('The latest comments to all posts in RSS')); ?>"><?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li> <li><a href="<?php bloginfo('comments_rss2_url'); ?>" title="<?php echo attr(__('The latest comments to all posts in RSS')); ?>"><?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
<li><a href="http://wordpress.org/" title="<?php echo attribute_escape(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.')); ?>">WordPress.org</a></li> <li><a href="http://wordpress.org/" title="<?php echo attr(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.')); ?>">WordPress.org</a></li>
<?php wp_meta(); ?> <?php wp_meta(); ?>
</ul> </ul>
<?php <?php
@ -293,7 +293,7 @@ class WP_Widget_Meta extends WP_Widget {
$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) ); $instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
$title = strip_tags($instance['title']); $title = strip_tags($instance['title']);
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attribute_escape($title); ?>" /></label></p> <p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" /></label></p>
<?php <?php
} }
} }
@ -333,7 +333,7 @@ class WP_Widget_Calendar extends WP_Widget {
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"> <p><label for="<?php echo $this->get_field_id('title'); ?>">
<?php _e('Title:'); ?> <?php _e('Title:'); ?>
<input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attribute_escape($title); ?>" /> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" />
</label></p> </label></p>
<?php <?php
} }
@ -381,7 +381,7 @@ class WP_Widget_Text extends WP_Widget {
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"> <p><label for="<?php echo $this->get_field_id('title'); ?>">
<?php _e('Title:'); ?> <?php _e('Title:'); ?>
<input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attribute_escape($title); ?>" /> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo attr($title); ?>" />
</label></p> </label></p>
<textarea class="widefat" rows="16" cols="20" id="<?php echo $this->get_field_id('text'); ?>" name="<?php echo $this->get_field_name('text'); ?>"><?php echo $text; ?></textarea> <textarea class="widefat" rows="16" cols="20" id="<?php echo $this->get_field_id('text'); ?>" name="<?php echo $this->get_field_name('text'); ?>"><?php echo $text; ?></textarea>
@ -463,7 +463,7 @@ class WP_Widget_Categories extends WP_Widget {
function form( $instance ) { function form( $instance ) {
//Defaults //Defaults
$instance = wp_parse_args( (array) $instance, array( 'title' => '') ); $instance = wp_parse_args( (array) $instance, array( 'title' => '') );
$title = attribute_escape( $instance['title'] ); $title = attr( $instance['title'] );
$count = (bool) $instance['count']; $count = (bool) $instance['count'];
$hierarchical = (bool) $instance['hierarchical']; $hierarchical = (bool) $instance['hierarchical'];
$dropdown = (bool) $instance['dropdown']; $dropdown = (bool) $instance['dropdown'];
@ -566,7 +566,7 @@ class WP_Widget_Recent_Posts extends WP_Widget {
} }
function form( $instance ) { function form( $instance ) {
$title = attribute_escape($instance['title']); $title = attr($instance['title']);
if ( !$number = (int) $instance['number'] ) if ( !$number = (int) $instance['number'] )
$number = 5; $number = 5;
?> ?>
@ -653,7 +653,7 @@ class WP_Widget_Recent_Comments extends WP_Widget {
} }
function form( $instance ) { function form( $instance ) {
$title = attribute_escape($instance['title']); $title = attr($instance['title']);
if ( !$number = (int) $instance['number'] ) if ( !$number = (int) $instance['number'] )
$number = 5; $number = 5;
?> ?>
@ -702,7 +702,7 @@ class WP_Widget_RSS extends WP_Widget {
$link = ''; $link = '';
if ( ! is_wp_error($rss) ) { if ( ! is_wp_error($rss) ) {
$desc = attribute_escape(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset')))); $desc = attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
if ( empty($title) ) if ( empty($title) )
$title = htmlentities(strip_tags($rss->get_title())); $title = htmlentities(strip_tags($rss->get_title()));
$link = clean_url(strip_tags($rss->get_permalink())); $link = clean_url(strip_tags($rss->get_permalink()));
@ -716,7 +716,7 @@ class WP_Widget_RSS extends WP_Widget {
$title = apply_filters('widget_title', $title ); $title = apply_filters('widget_title', $title );
$url = clean_url(strip_tags($url)); $url = clean_url(strip_tags($url));
$icon = includes_url('images/rss.png'); $icon = includes_url('images/rss.png');
$title = "<a class='rsswidget' href='$url' title='" . attribute_escape(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>"; $title = "<a class='rsswidget' href='$url' title='" . attr(__('Syndicate this content')) ."'><img style='background:orange;color:white;border:none;' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";
echo $before_widget; echo $before_widget;
echo $before_title . $title . $after_title; echo $before_title . $title . $after_title;
@ -787,11 +787,11 @@ function wp_widget_rss_output( $rss, $args = array() ) {
while ( stristr($link, 'http') != $link ) while ( stristr($link, 'http') != $link )
$link = substr($link, 1); $link = substr($link, 1);
$link = clean_url(strip_tags($link)); $link = clean_url(strip_tags($link));
$title = attribute_escape(strip_tags($item->get_title())); $title = attr(strip_tags($item->get_title()));
if ( empty($title) ) if ( empty($title) )
$title = __('Untitled'); $title = __('Untitled');
$desc = str_replace(array("\n", "\r"), ' ', attribute_escape(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset'))))); $desc = str_replace(array("\n", "\r"), ' ', attr(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset')))));
$desc = wp_html_excerpt( $desc, 360 ) . ' [&hellip;]'; $desc = wp_html_excerpt( $desc, 360 ) . ' [&hellip;]';
$desc = wp_specialchars( $desc ); $desc = wp_specialchars( $desc );
@ -850,9 +850,9 @@ function wp_widget_rss_form( $args, $inputs = null ) {
extract( $args ); extract( $args );
extract( $inputs, EXTR_SKIP); extract( $inputs, EXTR_SKIP);
$number = attribute_escape( $number ); $number = attr( $number );
$title = attribute_escape( $title ); $title = attr( $title );
$url = attribute_escape( $url ); $url = attr( $url );
$items = (int) $items; $items = (int) $items;
if ( $items < 1 || 20 < $items ) if ( $items < 1 || 20 < $items )
$items = 10; $items = 10;
@ -984,7 +984,7 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
?> ?>
<p><label for="<?php echo $this->get_field_id('title'); ?>"> <p><label for="<?php echo $this->get_field_id('title'); ?>">
<?php _e('Title:') ?> <?php _e('Title:') ?>
<input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo attribute_escape( $instance['title'] ); ?>" /> <input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo attr( $instance['title'] ); ?>" />
</label></p> </label></p>
<?php <?php
} }


@ -1006,8 +1006,8 @@ function get_links($category = -1, $before = '', $after = '<br />', $between = '
if ( '' != $rel ) if ( '' != $rel )
$rel = ' rel="' . $rel . '"'; $rel = ' rel="' . $rel . '"';
$desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display')); $desc = attr(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
$name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display')); $name = attr(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
$title = $desc; $title = $desc;
if ( $show_updated ) if ( $show_updated )


@ -18,7 +18,7 @@ echo '<?xml version="1.0" encoding="' . get_option('blog_charset') . '" ?' . '>'
if ( is_singular() ) if ( is_singular() )
printf(ent2ncr(__('Comments on: %s')), get_the_title_rss()); printf(ent2ncr(__('Comments on: %s')), get_the_title_rss());
elseif ( is_search() ) elseif ( is_search() )
printf(ent2ncr(__('Comments for %1$s searching on %2$s')), get_bloginfo_rss( 'name' ), attribute_escape(get_search_query())); printf(ent2ncr(__('Comments for %1$s searching on %2$s')), get_bloginfo_rss( 'name' ), attr(get_search_query()));
else else
printf(ent2ncr(__('Comments for %s')), get_bloginfo_rss( 'name' ) . get_wp_title_rss()); printf(ent2ncr(__('Comments for %s')), get_bloginfo_rss( 'name' ) . get_wp_title_rss());
?></title> ?></title>
@ -32,7 +32,7 @@ echo '<?xml version="1.0" encoding="' . get_option('blog_charset') . '" ?' . '>'
<link rel="self" type="application/atom+xml" href="<?php echo get_post_comments_feed_link('', 'atom'); ?>" /> <link rel="self" type="application/atom+xml" href="<?php echo get_post_comments_feed_link('', 'atom'); ?>" />
<id><?php echo get_post_comments_feed_link('', 'atom'); ?></id> <id><?php echo get_post_comments_feed_link('', 'atom'); ?></id>
<?php } elseif(is_search()) { ?> <?php } elseif(is_search()) { ?>
<link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" href="<?php echo get_option('home') . '?s=' . attribute_escape(get_search_query()); ?>" /> <link rel="alternate" type="<?php bloginfo_rss('html_type'); ?>" href="<?php echo get_option('home') . '?s=' . attr(get_search_query()); ?>" />
<link rel="self" type="application/atom+xml" href="<?php echo get_search_comments_feed_link('', 'atom'); ?>" /> <link rel="self" type="application/atom+xml" href="<?php echo get_search_comments_feed_link('', 'atom'); ?>" />
<id><?php echo get_search_comments_feed_link('', 'atom'); ?></id> <id><?php echo get_search_comments_feed_link('', 'atom'); ?></id>
<?php } else { ?> <?php } else { ?>


@ -20,7 +20,7 @@ echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>';
if ( is_singular() ) if ( is_singular() )
printf(ent2ncr(__('Comments on: %s')), get_the_title_rss()); printf(ent2ncr(__('Comments on: %s')), get_the_title_rss());
elseif ( is_search() ) elseif ( is_search() )
printf(ent2ncr(__('Comments for %s searching on %s')), get_bloginfo_rss( 'name' ), attribute_escape($wp_query->query_vars['s'])); printf(ent2ncr(__('Comments for %s searching on %s')), get_bloginfo_rss( 'name' ), attr($wp_query->query_vars['s']));
else else
printf(ent2ncr(__('Comments for %s')), get_bloginfo_rss( 'name' ) . get_wp_title_rss()); printf(ent2ncr(__('Comments for %s')), get_bloginfo_rss( 'name' ) . get_wp_title_rss());
?></title> ?></title>


@ -338,7 +338,7 @@ function get_the_category_rss($type = 'rss') {
if ( 'rdf' == $type ) if ( 'rdf' == $type )
$the_list .= "\t\t<dc:subject><![CDATA[$cat_name]]></dc:subject>\n"; $the_list .= "\t\t<dc:subject><![CDATA[$cat_name]]></dc:subject>\n";
elseif ( 'atom' == $type ) elseif ( 'atom' == $type )
$the_list .= sprintf( '<category scheme="%1$s" term="%2$s" />', attribute_escape( apply_filters( 'get_bloginfo_rss', get_bloginfo( 'url' ) ) ), attribute_escape( $cat_name ) ); $the_list .= sprintf( '<category scheme="%1$s" term="%2$s" />', attr( apply_filters( 'get_bloginfo_rss', get_bloginfo( 'url' ) ) ), attr( $cat_name ) );
else else
$the_list .= "\t\t<category><![CDATA[" . @html_entity_decode( $cat_name, ENT_COMPAT, get_option('blog_charset') ) . "]]></category>\n"; $the_list .= "\t\t<category><![CDATA[" . @html_entity_decode( $cat_name, ENT_COMPAT, get_option('blog_charset') ) . "]]></category>\n";
} }


@ -1270,7 +1270,7 @@ function translate_smiley($smiley) {
$smiley = trim(reset($smiley)); $smiley = trim(reset($smiley));
$img = $wpsmiliestrans[$smiley]; $img = $wpsmiliestrans[$smiley];
$smiley_masked = attribute_escape($smiley); $smiley_masked = attr($smiley);
return " <img src='$siteurl/wp-includes/images/smilies/$img' alt='$smiley_masked' class='wp-smiley' /> "; return " <img src='$siteurl/wp-includes/images/smilies/$img' alt='$smiley_masked' class='wp-smiley' /> ";
} }


@ -385,7 +385,7 @@ function wp_protect_special_option( $option ) {
/** /**
* Print option value after sanitizing for forms. * Print option value after sanitizing for forms.
* *
* @uses attribute_escape Sanitizes value. * @uses attr Sanitizes value.
* @since 1.5.0 * @since 1.5.0
* @package WordPress * @package WordPress
* @subpackage Option * @subpackage Option
@ -393,7 +393,7 @@ function wp_protect_special_option( $option ) {
* @param string $option Option name. * @param string $option Option name.
*/ */
function form_option( $option ) { function form_option( $option ) {
echo attribute_escape (get_option( $option ) ); echo attr (get_option( $option ) );
} }
/** /**
@ -1741,7 +1741,7 @@ function wp_nonce_url( $actionurl, $action = -1 ) {
* @return string Nonce field. * @return string Nonce field.
*/ */
function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) { function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $echo = true ) {
$name = attribute_escape( $name ); $name = attr( $name );
$nonce_field = '<input type="hidden" id="' . $name . '" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />'; $nonce_field = '<input type="hidden" id="' . $name . '" name="' . $name . '" value="' . wp_create_nonce( $action ) . '" />';
if ( $echo ) if ( $echo )
echo $nonce_field; echo $nonce_field;
@ -1766,7 +1766,7 @@ function wp_nonce_field( $action = -1, $name = "_wpnonce", $referer = true , $ec
* @return string Referer field. * @return string Referer field.
*/ */
function wp_referer_field( $echo = true) { function wp_referer_field( $echo = true) {
$ref = attribute_escape( $_SERVER['REQUEST_URI'] ); $ref = attr( $_SERVER['REQUEST_URI'] );
$referer_field = '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />'; $referer_field = '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
if ( $echo ) if ( $echo )
@ -1792,7 +1792,7 @@ function wp_referer_field( $echo = true) {
function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) { function wp_original_referer_field( $echo = true, $jump_back_to = 'current' ) {
$jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : $_SERVER['REQUEST_URI']; $jump_back_to = ( 'previous' == $jump_back_to ) ? wp_get_referer() : $_SERVER['REQUEST_URI'];
$ref = ( wp_get_original_referer() ) ? wp_get_original_referer() : $jump_back_to; $ref = ( wp_get_original_referer() ) ? wp_get_original_referer() : $jump_back_to;
$orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape( stripslashes( $ref ) ) . '" />'; $orig_referer_field = '<input type="hidden" name="_wp_original_http_referer" value="' . attr( stripslashes( $ref ) ) . '" />';
if ( $echo ) if ( $echo )
echo $orig_referer_field; echo $orig_referer_field;
return $orig_referer_field; return $orig_referer_field;


@ -120,8 +120,8 @@ function get_search_form() {
$form = '<form role="search" method="get" id="searchform" action="' . get_option('home') . '/" > $form = '<form role="search" method="get" id="searchform" action="' . get_option('home') . '/" >
<div><label class="hidden" for="s">' . __('Search for:') . '</label> <div><label class="hidden" for="s">' . __('Search for:') . '</label>
<input type="text" value="' . attribute_escape(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" /> <input type="text" value="' . attr(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" />
<input type="submit" id="searchsubmit" value="'.attribute_escape(__('Search')).'" /> <input type="submit" id="searchsubmit" value="'.attr(__('Search')).'" />
</div> </div>
</form>'; </form>';
@ -688,7 +688,7 @@ function single_month_title($prefix = '', $display = true ) {
*/ */
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') { function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
$text = wptexturize($text); $text = wptexturize($text);
$title_text = attribute_escape($text); $title_text = attr($text);
$url = clean_url($url); $url = clean_url($url);
if ('link' == $format) if ('link' == $format)
@ -1434,8 +1434,8 @@ function feed_links( $args ) {
$args = wp_parse_args( $args, $defaults ); $args = wp_parse_args( $args, $defaults );
echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attribute_escape(sprintf( $args['feedtitle'], get_bloginfo('name') )) . '" href="' . get_feed_link() . "\" />\n"; echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attr(sprintf( $args['feedtitle'], get_bloginfo('name') )) . '" href="' . get_feed_link() . "\" />\n";
echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attribute_escape(sprintf( $args['comstitle'], get_bloginfo('name') )) . '" href="' . get_feed_link( 'comments_' . get_default_feed() ) . "\" />\n"; echo '<link rel="alternate" type="' . feed_content_type() . '" title="' . attr(sprintf( $args['comstitle'], get_bloginfo('name') )) . '" href="' . get_feed_link( 'comments_' . get_default_feed() ) . "\" />\n";
} }
/** /**
@ -1467,27 +1467,27 @@ function feed_links_extra( $args ) {
$post = &get_post( $id = 0 ); $post = &get_post( $id = 0 );
if ( comments_open() || pings_open() || $post->comment_count > 0 ) { if ( comments_open() || pings_open() || $post->comment_count > 0 ) {
$title = attribute_escape(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], wp_specialchars( get_the_title() ) )); $title = attr(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], wp_specialchars( get_the_title() ) ));
$href = get_post_comments_feed_link( $post->ID ); $href = get_post_comments_feed_link( $post->ID );
} }
} elseif ( is_category() ) { } elseif ( is_category() ) {
$cat_id = intval( get_query_var('cat') ); $cat_id = intval( get_query_var('cat') );
$title = attribute_escape(sprintf( $args['cattitle'], get_bloginfo('name'), $args['separator'], get_cat_name( $cat_id ) )); $title = attr(sprintf( $args['cattitle'], get_bloginfo('name'), $args['separator'], get_cat_name( $cat_id ) ));
$href = get_category_feed_link( $cat_id ); $href = get_category_feed_link( $cat_id );
} elseif ( is_tag() ) { } elseif ( is_tag() ) {
$tag_id = intval( get_query_var('tag_id') ); $tag_id = intval( get_query_var('tag_id') );
$tag = get_tag( $tag_id ); $tag = get_tag( $tag_id );
$title = attribute_escape(sprintf( $args['tagtitle'], get_bloginfo('name'), $args['separator'], $tag->name )); $title = attr(sprintf( $args['tagtitle'], get_bloginfo('name'), $args['separator'], $tag->name ));
$href = get_tag_feed_link( $tag_id ); $href = get_tag_feed_link( $tag_id );
} elseif ( is_author() ) { } elseif ( is_author() ) {
$author_id = intval( get_query_var('author') ); $author_id = intval( get_query_var('author') );
$title = attribute_escape(sprintf( $args['authortitle'], get_bloginfo('name'), $args['separator'], get_author_name( $author_id ) )); $title = attr(sprintf( $args['authortitle'], get_bloginfo('name'), $args['separator'], get_author_name( $author_id ) ));
$href = get_author_feed_link( $author_id ); $href = get_author_feed_link( $author_id );
} elseif ( is_search() ) { } elseif ( is_search() ) {
$title = attribute_escape(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query() )); $title = attr(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query() ));
$href = get_search_feed_link(); $href = get_search_feed_link();
} }
@ -1678,14 +1678,14 @@ function get_search_query() {
/** /**
* Display the contents of the search query variable. * Display the contents of the search query variable.
* *
* The search query string is passed through {@link attribute_escape()} * The search query string is passed through {@link attr()}
* to ensure that it is safe for placing in an html attribute. * to ensure that it is safe for placing in an html attribute.
* *
* @uses attribute_escape * @uses attr
* @since 2.1.0 * @since 2.1.0
*/ */
function the_search_query() { function the_search_query() {
echo attribute_escape( apply_filters( 'the_search_query', get_search_query() ) ); echo attr( apply_filters( 'the_search_query', get_search_query() ) );
} }
/** /**


@ -619,9 +619,9 @@ function edit_tag_link( $link = '', $before = '', $after = '', $tag = null ) {
*/ */
function get_search_feed_link($search_query = '', $feed = '') { function get_search_feed_link($search_query = '', $feed = '') {
if ( empty($search_query) ) if ( empty($search_query) )
$search = attribute_escape(get_search_query()); $search = attr(get_search_query());
else else
$search = attribute_escape(stripslashes($search_query)); $search = attr(stripslashes($search_query));
if ( empty($feed) ) if ( empty($feed) )
$feed = get_default_feed(); $feed = get_default_feed();
@ -644,9 +644,9 @@ function get_search_feed_link($search_query = '', $feed = '') {
*/ */
function get_search_comments_feed_link($search_query = '', $feed = '') { function get_search_comments_feed_link($search_query = '', $feed = '') {
if ( empty($search_query) ) if ( empty($search_query) )
$search = attribute_escape(get_search_query()); $search = attr(get_search_query());
else else
$search = attribute_escape(stripslashes($search_query)); $search = attr(stripslashes($search_query));
if ( empty($feed) ) if ( empty($feed) )
$feed = get_default_feed(); $feed = get_default_feed();
@ -730,7 +730,7 @@ function edit_post_link( $link = 'Edit This', $before = '', $after = '' ) {
return; return;
} }
$link = '<a class="post-edit-link" href="' . get_edit_post_link( $post->ID ) . '" title="' . attribute_escape( __( 'Edit post' ) ) . '">' . $link . '</a>'; $link = '<a class="post-edit-link" href="' . get_edit_post_link( $post->ID ) . '" title="' . attr( __( 'Edit post' ) ) . '">' . $link . '</a>';
echo $before . apply_filters( 'edit_post_link', $link, $post->ID ) . $after; echo $before . apply_filters( 'edit_post_link', $link, $post->ID ) . $after;
} }
@ -940,7 +940,7 @@ function get_adjacent_post_rel_link($title = '%title', $in_same_cat = false, $ex
$title = apply_filters('the_title', $title, $post); $title = apply_filters('the_title', $title, $post);
$link = $previous ? "<link rel='prev' title='" : "<link rel='next' title='"; $link = $previous ? "<link rel='prev' title='" : "<link rel='next' title='";
$link .= attribute_escape( $title ); $link .= attr( $title );
$link .= "' href='" . get_permalink($post) . "' />\n"; $link .= "' href='" . get_permalink($post) . "' />\n";
$adjacent = $previous ? 'previous' : 'next'; $adjacent = $previous ? 'previous' : 'next';
@ -1064,7 +1064,7 @@ function get_boundary_post_rel_link($title = '%title', $in_same_cat = false, $ex
$title = apply_filters('the_title', $title, $post); $title = apply_filters('the_title', $title, $post);
$link = $start ? "<link rel='start' title='" : "<link rel='end' title='"; $link = $start ? "<link rel='start' title='" : "<link rel='end' title='";
$link .= attribute_escape($title); $link .= attr($title);
$link .= "' href='" . get_permalink($post) . "' />\n"; $link .= "' href='" . get_permalink($post) . "' />\n";
$boundary = $start ? 'start' : 'end'; $boundary = $start ? 'start' : 'end';
@ -1092,7 +1092,7 @@ function start_post_rel_link($title = '%title', $in_same_cat = false, $excluded_
* @return string * @return string
*/ */
function get_index_rel_link() { function get_index_rel_link() {
$link = "<link rel='index' title='" . attribute_escape(get_bloginfo('name')) . "' href='" . get_bloginfo('siteurl') . "' />\n"; $link = "<link rel='index' title='" . attr(get_bloginfo('name')) . "' href='" . get_bloginfo('siteurl') . "' />\n";
return apply_filters( "index_rel_link", $link ); return apply_filters( "index_rel_link", $link );
} }
@ -1127,7 +1127,7 @@ function get_parent_post_rel_link($title = '%title') {
$title = apply_filters('the_title', $title, $post); $title = apply_filters('the_title', $title, $post);
$link = "<link rel='up' title='"; $link = "<link rel='up' title='";
$link .= attribute_escape( $title ); $link .= attr( $title );
$link .= "' href='" . get_permalink($post) . "' />\n"; $link .= "' href='" . get_permalink($post) . "' />\n";
return apply_filters( "parent_post_rel_link", $link ); return apply_filters( "parent_post_rel_link", $link );


@ -200,10 +200,10 @@ function get_image_tag($id, $alt, $title, $align, $size='medium') {
list( $img_src, $width, $height ) = image_downsize($id, $size); list( $img_src, $width, $height ) = image_downsize($id, $size);
$hwstring = image_hwstring($width, $height); $hwstring = image_hwstring($width, $height);
$class = 'align'.attribute_escape($align).' size-'.attribute_escape($size).' wp-image-'.$id; $class = 'align'.attr($align).' size-'.attr($size).' wp-image-'.$id;
$class = apply_filters('get_image_tag_class', $class, $id, $align, $size); $class = apply_filters('get_image_tag_class', $class, $id, $align, $size);
$html = '<img src="'.attribute_escape($img_src).'" alt="'.attribute_escape($alt).'" title="'.attribute_escape($title).'" '.$hwstring.'class="'.$class.'" />'; $html = '<img src="'.attr($img_src).'" alt="'.attr($alt).'" title="'.attr($title).'" '.$hwstring.'class="'.$class.'" />';
$html = apply_filters( 'get_image_tag', $html, $id, $alt, $title, $align, $size ); $html = apply_filters( 'get_image_tag', $html, $id, $alt, $title, $align, $size );
@ -542,7 +542,7 @@ function wp_get_attachment_image($attachment_id, $size = 'thumbnail', $icon = fa
'title' => trim(strip_tags( $attachment->post_title )), 'title' => trim(strip_tags( $attachment->post_title )),
); );
$attr = apply_filters( 'wp_get_attachment_image_attributes', $attr, $attachment ); $attr = apply_filters( 'wp_get_attachment_image_attributes', $attr, $attachment );
$attr = array_map( 'attribute_escape', $attr ); $attr = array_map( 'attr', $attr );
$html = rtrim("<img $hwstring"); $html = rtrim("<img $hwstring");
foreach ( $attr as $name => $value ) { foreach ( $attr as $name => $value ) {
$html .= " $name=" . '"' . $value . '"'; $html .= " $name=" . '"' . $value . '"';


@ -1499,7 +1499,7 @@ function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) {
if ( false === $alt) if ( false === $alt)
$safe_alt = ''; $safe_alt = '';
else else
$safe_alt = attribute_escape( $alt ); $safe_alt = attr( $alt );
if ( !is_numeric($size) ) if ( !is_numeric($size) )
$size = '96'; $size = '96';


@ -63,7 +63,7 @@ function the_title($before = '', $after = '', $echo = true) {
* an array. See the function for what can be override in the $args parameter. * an array. See the function for what can be override in the $args parameter.
* *
* The title before it is displayed will have the tags stripped and {@link * The title before it is displayed will have the tags stripped and {@link
* attribute_escape()} before it is passed to the user or displayed. The default * attr()} before it is passed to the user or displayed. The default
* as with {@link the_title()}, is to display the title. * as with {@link the_title()}, is to display the title.
* *
* @since 2.3.0 * @since 2.3.0
@ -83,7 +83,7 @@ function the_title_attribute( $args = '' ) {
$title = $before . $title . $after; $title = $before . $title . $after;
$title = attribute_escape(strip_tags($title)); $title = attr(strip_tags($title));
if ( $echo ) if ( $echo )
echo $title; echo $title;
@ -924,10 +924,10 @@ function wp_get_attachment_link($id = 0, $size = 'thumbnail', $permalink = false
if ( $permalink ) if ( $permalink )
$url = get_attachment_link($_post->ID); $url = get_attachment_link($_post->ID);
$post_title = attribute_escape($_post->post_title); $post_title = attr($_post->post_title);
if ( $text ) { if ( $text ) {
$link_text = attribute_escape($text); $link_text = attr($text);
} elseif ( ( is_int($size) && $size != 0 ) or ( is_string($size) && $size != 'none' ) or $size != false ) { } elseif ( ( is_int($size) && $size != 0 ) or ( is_string($size) && $size != 'none' ) or $size != false ) {
$link_text = wp_get_attachment_image($id, $size, $icon); $link_text = wp_get_attachment_image($id, $size, $icon);
} }
@ -961,7 +961,7 @@ function get_the_attachment_link($id = 0, $fullsize = false, $max_dims = false,
if ( $permalink ) if ( $permalink )
$url = get_attachment_link($_post->ID); $url = get_attachment_link($_post->ID);
$post_title = attribute_escape($_post->post_title); $post_title = attr($_post->post_title);
$innerHTML = get_attachment_innerHTML($_post->ID, $fullsize, $max_dims); $innerHTML = get_attachment_innerHTML($_post->ID, $fullsize, $max_dims);
return "<a href='$url' title='$post_title'>$innerHTML</a>"; return "<a href='$url' title='$post_title'>$innerHTML</a>";
@ -1057,7 +1057,7 @@ function get_attachment_icon( $id = 0, $fullsize = false, $max_dims = false ) {
$constraint = ''; $constraint = '';
} }
$post_title = attribute_escape($post->post_title); $post_title = attr($post->post_title);
$icon = "<img src='$src' title='$post_title' alt='$post_title' $constraint/>"; $icon = "<img src='$src' title='$post_title' alt='$post_title' $constraint/>";
@ -1085,7 +1085,7 @@ function get_attachment_innerHTML($id = 0, $fullsize = false, $max_dims = false)
return $innerHTML; return $innerHTML;
$innerHTML = attribute_escape($post->post_title); $innerHTML = attr($post->post_title);
return apply_filters('attachment_innerHTML', $innerHTML, $post->ID); return apply_filters('attachment_innerHTML', $innerHTML, $post->ID);
} }


@ -869,7 +869,7 @@ function sanitize_post_field($field, $value, $post_id, $context) {
else else
$value = format_to_edit($value); $value = format_to_edit($value);
} else { } else {
$value = attribute_escape($value); $value = attr($value);
} }
} else if ( 'db' == $context ) { } else if ( 'db' == $context ) {
if ( $prefixed ) { if ( $prefixed ) {
@ -888,7 +888,7 @@ function sanitize_post_field($field, $value, $post_id, $context) {
} }
if ( 'attribute' == $context ) if ( 'attribute' == $context )
$value = attribute_escape($value); $value = attr($value);
else if ( 'js' == $context ) else if ( 'js' == $context )
$value = js_escape($value); $value = js_escape($value);


@ -873,7 +873,7 @@ function wp_rss( $url, $num_items = -1 ) {
printf( printf(
'<li><a href="%1$s" title="%2$s">%3$s</a></li>', '<li><a href="%1$s" title="%2$s">%3$s</a></li>',
clean_url( $item['link'] ), clean_url( $item['link'] ),
attribute_escape( strip_tags( $item['description'] ) ), attr( strip_tags( $item['description'] ) ),
htmlentities( $item['title'] ) htmlentities( $item['title'] )
); );
} }


@ -74,10 +74,10 @@ function wp_default_scripts( &$scripts ) {
$scripts->localize( 'quicktags', 'quicktagsL10n', array( $scripts->localize( 'quicktags', 'quicktagsL10n', array(
'quickLinks' => __('(Quick Links)'), 'quickLinks' => __('(Quick Links)'),
'wordLookup' => __('Enter a word to look up:'), 'wordLookup' => __('Enter a word to look up:'),
'dictionaryLookup' => attribute_escape(__('Dictionary lookup')), 'dictionaryLookup' => attr(__('Dictionary lookup')),
'lookup' => attribute_escape(__('lookup')), 'lookup' => attr(__('lookup')),
'closeAllOpenTags' => attribute_escape(__('Close all open tags')), 'closeAllOpenTags' => attr(__('Close all open tags')),
'closeTags' => attribute_escape(__('close tags')), 'closeTags' => attr(__('close tags')),
'enterURL' => __('Enter the URL'), 'enterURL' => __('Enter the URL'),
'enterImageURL' => __('Enter the URL of the image'), 'enterImageURL' => __('Enter the URL of the image'),
'enterImageDescription' => __('Enter a description of the image'), 'enterImageDescription' => __('Enter a description of the image'),
@ -212,7 +212,7 @@ function wp_default_scripts( &$scripts ) {
$scripts->add( 'ajaxcat', "/wp-admin/js/cat$suffix.js", array( 'wp-lists' ), '20090102' ); $scripts->add( 'ajaxcat', "/wp-admin/js/cat$suffix.js", array( 'wp-lists' ), '20090102' );
$scripts->add_data( 'ajaxcat', 'group', 1 ); $scripts->add_data( 'ajaxcat', 'group', 1 );
$scripts->localize( 'ajaxcat', 'catL10n', array( $scripts->localize( 'ajaxcat', 'catL10n', array(
'add' => attribute_escape(__('Add')), 'add' => attr(__('Add')),
'how' => __('Separate multiple categories with commas.'), 'how' => __('Separate multiple categories with commas.'),
'l10n_print_after' => 'try{convertEntities(catL10n);}catch(e){};' 'l10n_print_after' => 'try{convertEntities(catL10n);}catch(e){};'
) ); ) );
@ -266,8 +266,8 @@ function wp_default_scripts( &$scripts ) {
$scripts->add_data( 'post', 'group', 1 ); $scripts->add_data( 'post', 'group', 1 );
$scripts->localize( 'post', 'postL10n', array( $scripts->localize( 'post', 'postL10n', array(
'tagsUsed' => __('Tags used on this post:'), 'tagsUsed' => __('Tags used on this post:'),
'add' => attribute_escape(__('Add')), 'add' => attr(__('Add')),
'addTag' => attribute_escape(__('Add new tag')), 'addTag' => attr(__('Add new tag')),
'separate' => __('Separate tags with commas'), 'separate' => __('Separate tags with commas'),
'cancel' => __('Cancel'), 'cancel' => __('Cancel'),
'edit' => __('Edit'), 'edit' => __('Edit'),
@ -604,7 +604,7 @@ function _print_scripts() {
$ver = md5("$wp_scripts->concat_version"); $ver = md5("$wp_scripts->concat_version");
$src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&load=" . trim($wp_scripts->concat, ', ') . "&ver=$ver"; $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&load=" . trim($wp_scripts->concat, ', ') . "&ver=$ver";
echo "<script type='text/javascript' src='" . attribute_escape($src) . "'></script>\n"; echo "<script type='text/javascript' src='" . attr($src) . "'></script>\n";
} }
if ( !empty($wp_scripts->print_html) ) if ( !empty($wp_scripts->print_html) )
@ -671,7 +671,7 @@ function print_admin_styles() {
$dir = $wp_styles->text_direction; $dir = $wp_styles->text_direction;
$ver = md5("$wp_styles->concat_version{$dir}"); $ver = md5("$wp_styles->concat_version{$dir}");
$href = $wp_styles->base_url . "/wp-admin/load-styles.php?c={$zip}&dir={$dir}&load=" . trim($wp_styles->concat, ', ') . "&ver=$ver"; $href = $wp_styles->base_url . "/wp-admin/load-styles.php?c={$zip}&dir={$dir}&load=" . trim($wp_styles->concat, ', ') . "&ver=$ver";
echo "<link rel='stylesheet' href='" . attribute_escape($href) . "' type='text/css' media='all' />\n"; echo "<link rel='stylesheet' href='" . attr($href) . "' type='text/css' media='all' />\n";
} }
if ( !empty($wp_styles->print_html) ) if ( !empty($wp_styles->print_html) )


@ -991,7 +991,7 @@ function sanitize_term_field($field, $value, $term_id, $taxonomy, $context) {
if ( 'description' == $field ) if ( 'description' == $field )
$value = format_to_edit($value); $value = format_to_edit($value);
else else
$value = attribute_escape($value); $value = attr($value);
} else if ( 'db' == $context ) { } else if ( 'db' == $context ) {
$value = apply_filters("pre_term_$field", $value, $taxonomy); $value = apply_filters("pre_term_$field", $value, $taxonomy);
$value = apply_filters("pre_${taxonomy}_$field", $value); $value = apply_filters("pre_${taxonomy}_$field", $value);
@ -1009,7 +1009,7 @@ function sanitize_term_field($field, $value, $term_id, $taxonomy, $context) {
} }
if ( 'attribute' == $context ) if ( 'attribute' == $context )
$value = attribute_escape($value); $value = attr($value);
else if ( 'js' == $context ) else if ( 'js' == $context )
$value = js_escape($value); $value = js_escape($value);
@ -2260,7 +2260,7 @@ function get_the_taxonomies($post = 0) {
$links = array(); $links = array();
foreach ( $terms as $term ) foreach ( $terms as $term )
$links[] = "<a href='" . attribute_escape(get_term_link($term, $taxonomy)) . "'>$term->name</a>"; $links[] = "<a href='" . attr(get_term_link($term, $taxonomy)) . "'>$term->name</a>";
if ( $links ) if ( $links )
$taxonomies[$taxonomy] = wp_sprintf($t['template'], $t['label'], $links, $terms); $taxonomies[$taxonomy] = wp_sprintf($t['template'], $t['label'], $links, $terms);


@ -932,7 +932,7 @@ function preview_theme_ob_filter_callback( $matches ) {
$link = add_query_arg( array('preview' => 1, 'template' => $_GET['template'], 'stylesheet' => @$_GET['stylesheet'] ), $matches[3] ); $link = add_query_arg( array('preview' => 1, 'template' => $_GET['template'], 'stylesheet' => @$_GET['stylesheet'] ), $matches[3] );
if ( 0 === strpos($link, 'preview=1') ) if ( 0 === strpos($link, 'preview=1') )
$link = "?$link"; $link = "?$link";
return $matches[1] . attribute_escape( $link ) . $matches[4]; return $matches[1] . attr( $link ) . $matches[4];
} }
/** /**


@ -62,15 +62,15 @@ function wp_version_check() {
foreach( explode( "\n\n", $body ) as $entry) { foreach( explode( "\n\n", $body ) as $entry) {
$returns = explode("\n", $entry); $returns = explode("\n", $entry);
$new_option = new stdClass(); $new_option = new stdClass();
$new_option->response = attribute_escape( $returns[0] ); $new_option->response = attr( $returns[0] );
if ( isset( $returns[1] ) ) if ( isset( $returns[1] ) )
$new_option->url = clean_url( $returns[1] ); $new_option->url = clean_url( $returns[1] );
if ( isset( $returns[2] ) ) if ( isset( $returns[2] ) )
$new_option->package = clean_url( $returns[2] ); $new_option->package = clean_url( $returns[2] );
if ( isset( $returns[3] ) ) if ( isset( $returns[3] ) )
$new_option->current = attribute_escape( $returns[3] ); $new_option->current = attr( $returns[3] );
if ( isset( $returns[4] ) ) if ( isset( $returns[4] ) )
$new_option->locale = attribute_escape( $returns[4] ); $new_option->locale = attr( $returns[4] );
$new_options[] = $new_option; $new_options[] = $new_option;
} }


@ -29,7 +29,7 @@ if ((empty ($link_cat)) || ($link_cat == 'all') || ($link_cat == '0')) {
<?php the_generator( 'comment' ); ?> <?php the_generator( 'comment' ); ?>
<opml version="1.0"> <opml version="1.0">
<head> <head>
<title>Links for <?php echo attribute_escape(get_bloginfo('name', 'display').$cat_name); ?></title> <title>Links for <?php echo attr(get_bloginfo('name', 'display').$cat_name); ?></title>
<dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated> <dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated>
</head> </head>
<body> <body>
@ -44,14 +44,14 @@ foreach ((array) $cats as $cat) {
$catname = apply_filters('link_category', $cat->name); $catname = apply_filters('link_category', $cat->name);
?> ?>
<outline type="category" title="<?php echo attribute_escape($catname); ?>"> <outline type="category" title="<?php echo attr($catname); ?>">
<?php <?php
$bookmarks = get_bookmarks("category={$cat->term_id}"); $bookmarks = get_bookmarks("category={$cat->term_id}");
foreach ((array) $bookmarks as $bookmark) { foreach ((array) $bookmarks as $bookmark) {
$title = attribute_escape(apply_filters('link_title', $bookmark->link_name)); $title = attr(apply_filters('link_title', $bookmark->link_name));
?> ?>
<outline text="<?php echo $title; ?>" type="link" xmlUrl="<?php echo attribute_escape($bookmark->link_rss); ?>" htmlUrl="<?php echo attribute_escape($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated; ?>" /> <outline text="<?php echo $title; ?>" type="link" xmlUrl="<?php echo attr($bookmark->link_rss); ?>" htmlUrl="<?php echo attr($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated; ?>" />
<?php <?php
} }


@ -307,7 +307,7 @@ case 'retrievepassword' :
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo site_url('wp-login.php?action=lostpassword', 'login_post') ?>" method="post"> <form name="lostpasswordform" id="lostpasswordform" action="<?php echo site_url('wp-login.php?action=lostpassword', 'login_post') ?>" method="post">
<p> <p>
<label><?php _e('Username or E-mail:') ?><br /> <label><?php _e('Username or E-mail:') ?><br />
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape($user_login); ?>" size="20" tabindex="10" /></label> <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attr($user_login); ?>" size="20" tabindex="10" /></label>
</p> </p>
<?php do_action('lostpassword_form'); ?> <?php do_action('lostpassword_form'); ?>
<p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Get New Password'); ?>" tabindex="100" /></p> <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Get New Password'); ?>" tabindex="100" /></p>
@ -374,11 +374,11 @@ case 'register' :
<form name="registerform" id="registerform" action="<?php echo site_url('wp-login.php?action=register', 'login_post') ?>" method="post"> <form name="registerform" id="registerform" action="<?php echo site_url('wp-login.php?action=register', 'login_post') ?>" method="post">
<p> <p>
<label><?php _e('Username') ?><br /> <label><?php _e('Username') ?><br />
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label> <input type="text" name="user_login" id="user_login" class="input" value="<?php echo attr(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
</p> </p>
<p> <p>
<label><?php _e('E-mail') ?><br /> <label><?php _e('E-mail') ?><br />
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label> <input type="text" name="user_email" id="user_email" class="input" value="<?php echo attr(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>
</p> </p>
<?php do_action('register_form'); ?> <?php do_action('register_form'); ?>
<p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p> <p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p>
@ -460,7 +460,7 @@ default:
login_header(__('Log In'), '', $errors); login_header(__('Log In'), '', $errors);
if ( isset($_POST['log']) ) if ( isset($_POST['log']) )
$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? attribute_escape(stripslashes($_POST['log'])) : ''; $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? attr(stripslashes($_POST['log'])) : '';
?> ?>
<?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?> <?php if ( !isset($_GET['checkemail']) || !in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
@ -477,7 +477,7 @@ default:
<p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _ea('Remember Me'); ?></label></p> <p class="forgetmenot"><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _ea('Remember Me'); ?></label></p>
<p class="submit"> <p class="submit">
<input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Log In'); ?>" tabindex="100" /> <input type="submit" name="wp-submit" id="wp-submit" value="<?php _ea('Log In'); ?>" tabindex="100" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" /> <input type="hidden" name="redirect_to" value="<?php echo attr($redirect_to); ?>" />
<input type="hidden" name="testcookie" value="1" /> <input type="hidden" name="testcookie" value="1" />
</p> </p>
</form> </form>