Fix for bug #0000092: Special chars were not encoded correctly.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
jverber 2004-06-19 02:13:48 +00:00
parent 6fd6b1080d
commit 363ea80470
2 changed files with 12 additions and 8 deletions


@ -121,7 +121,7 @@ switch ($action) {
</ul> </ul>
<div class="wrap"> <div class="wrap">
<h2>Edit &#8220;<?php echo $row->cat_name?>&#8221; Category </h2> <h2>Edit &#8220;<?php echo htmlspecialchars($row->cat_name)?>&#8221; Category </h2>
<form name="editcat" method="post"> <form name="editcat" method="post">
<input type="hidden" name="action" value="editedcat" /> <input type="hidden" name="action" value="editedcat" />
@ -131,7 +131,7 @@ switch ($action) {
<table class="editform" width="100%" cellspacing="2" cellpadding="5"> <table class="editform" width="100%" cellspacing="2" cellpadding="5">
<tr> <tr>
<th width="33%" scope="row"><?php _e('Name:') ?></th> <th width="33%" scope="row"><?php _e('Name:') ?></th>
<td width="67%"><input name="cat_name" type="text" value="<?php echo $row->cat_name?>" size="30" /></td> <td width="67%"><input name="cat_name" type="text" value="<?php echo htmlspecialchars($row->cat_name)?>" size="30" /></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><?php _e('Show:') ?></th> <th scope="row"><?php _e('Show:') ?></th>
@ -332,7 +332,7 @@ foreach ($results as $row) {
$style = ($i % 2) ? ' class="alternate"' : ''; $style = ($i % 2) ? ' class="alternate"' : '';
?> ?>
<tr valign="middle" align="center" <?php echo $style ?> style="border-bottom: 1px dotted #9C9A9C;"> <tr valign="middle" align="center" <?php echo $style ?> style="border-bottom: 1px dotted #9C9A9C;">
<td><?php echo $row->cat_name?></td> <td><?php echo htmlspecialchars($row->cat_name)?></td>
<td ><?php echo $row->cat_id?></td> <td ><?php echo $row->cat_id?></td>
<td><?php echo $row->auto_toggle?></td> <td><?php echo $row->auto_toggle?></td>
<td><?php echo $row->show_images?></td> <td><?php echo $row->show_images?></td>
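Review bot: The `value="..."` attribute in the second hunk is escaped with htmlspecialchars() default flags, which in PHP versions before 8.1 (ENT_COMPAT) leave single quotes unencoded, so the escape is only safe while that attribute stays double-quoted. Passing the flag explicitly, `htmlspecialchars($row->cat_name, ENT_QUOTES)`, keeps all three call sites correct in both element and attribute context. The neighbouring cells `$row->auto_toggle` and `$row->show_images` in the third hunk are still echoed raw; if those columns can hold anything other than fixed flag values, they need the same encoding.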


@ -312,17 +312,17 @@ switch ($action) {
WHERE link_id = $link_id"); WHERE link_id = $link_id");
if ($row) { if ($row) {
$link_url = $row->link_url; $link_url = htmlspecialchars($row->link_url);
$link_name = $row->link_name; $link_name = htmlspecialchars($row->link_name);
$link_image = $row->link_image; $link_image = $row->link_image;
$link_target = $row->link_target; $link_target = $row->link_target;
$link_category = $row->link_category; $link_category = $row->link_category;
$link_description = $row->link_description; $link_description = htmlspecialchars($row->link_description);
$link_visible = $row->link_visible; $link_visible = $row->link_visible;
$link_rating = $row->link_rating; $link_rating = $row->link_rating;
$link_rel = $row->link_rel; $link_rel = $row->link_rel;
$link_notes = $row->link_notes; $link_notes = htmlspecialchars($row->link_notes);
$link_rss_uri = $row->link_rss; $link_rss_uri = htmlspecialchars($row->link_rss);
} }
?> ?>
@ -690,6 +690,10 @@ function checkAll(form)
$links = $wpdb->get_results($sql); $links = $wpdb->get_results($sql);
if ($links) { if ($links) {
foreach ($links as $link) { foreach ($links as $link) {
$link->link_name = htmlspecialchars($link->link_name);
$link->link_category = htmlspecialchars($link->link_category);
$link->link_description = htmlspecialchars($link->link_description);
$link->link_url = htmlspecialchars($link->link_url);
$short_url = str_replace('http://', '', $link->link_url); $short_url = str_replace('http://', '', $link->link_url);
$short_url = str_replace('www.', '', $short_url); $short_url = str_replace('www.', '', $short_url);
if ('/' == substr($short_url, -1)) if ('/' == substr($short_url, -1))
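Review bot: In the first hunk `$link_image`, `$link_target` and `$link_rel` are still copied from the row unencoded while their siblings are now escaped; if the edit form (outside this hunk) prints them into attributes the same way, they carry the same markup-injection problem, e.g. `$link_image = htmlspecialchars($row->link_image);`. In the second hunk the encoded text is written back onto `$link` itself, so any later use of `$link->link_url` or `$link->link_category` in a non-HTML context (a query, a comparison, a redirect) would see entity-encoded data; encoding at the point of output avoids that and makes double-encoding less likely. htmlspecialchars() also does not constrain the URL scheme, so if `link_url` is emitted into an `href`, a scheme check remains a separate requirement. Both enclosing blocks continue outside the hunks, so where these variables are actually printed could not be confirmed here.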