Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

new function for escaping within attributes: attribute_escape() 

git-svn-id: http://svn.automattic.com/wordpress/trunk@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith 2006-12-21 10:10:04 +00:00
parent deb53f7027
commit 5a76c03203
37 changed files with 126 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
wp-admin/admin-ajax.php
View File

@ -13,9 +13,9 @@ function get_out_now() { exit; }
add_action( 'shutdown', 'get_out_now', -1 );
function wp_ajax_meta_row( $pid, $mid, $key, $value ) {
$value = wp_specialchars($value, true);
$value = attribute_escape($value);
$key_js = addslashes(wp_specialchars($key, 'double'));
$key = wp_specialchars($key, true);
$key = attribute_escape($key);
$r .= "<tr id='meta-$mid'><td valign='top'>";
$r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater(&#039;meta&#039;,&#039;meta-$mid&#039;);\",event);' type='text' size='20' value='$key' />";
$r .= "</td><td><textarea name='meta[$mid][value]' tabindex='6' rows='2' cols='30'>$value</textarea></td><td align='center'>";
@ -141,7 +141,7 @@ case 'add-cat' : // From Manage->Categories
$cat_full_name = $_cat->cat_name . ' &#8212; ' . $cat_full_name;
$level++;
}
$cat_full_name = wp_specialchars( $cat_full_name, 1 );
$cat_full_name = attribute_escape( $cat_full_name);
$x = new WP_Ajax_Response( array(
'what' => 'cat',

48
wp-admin/admin-functions.php
View File

@ -323,7 +323,7 @@ function get_default_post_to_edit() {
else if ( !empty( $post_title ) ) {
$text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );
$text = funky_javascript_fix( $text);
$popupurl = wp_specialchars( $_REQUEST['popupurl'] );
$popupurl = attribute_escape($_REQUEST['popupurl']);
$post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text";
}
@ -380,16 +380,16 @@ function wp_dropdown_roles( $default = false ) {
function get_user_to_edit( $user_id ) {
$user = new WP_User( $user_id );
$user->user_login = wp_specialchars( $user->user_login, 1 );
$user->user_email = wp_specialchars( $user->user_email, 1 );
$user->user_url = wp_specialchars( $user->user_url, 1 );
$user->first_name = wp_specialchars( $user->first_name, 1 );
$user->last_name = wp_specialchars( $user->last_name, 1 );
$user->display_name = wp_specialchars( $user->display_name, 1 );
$user->nickname = wp_specialchars( $user->nickname, 1 );
$user->aim = wp_specialchars( $user->aim, 1 );
$user->yim = wp_specialchars( $user->yim, 1 );
$user->jabber = wp_specialchars( $user->jabber, 1 );
$user->user_login = attribute_escape( $user->user_login);
$user->user_email = attribute_escape( $user->user_email);
$user->user_url = attribute_escape( $user->user_url);
$user->first_name = attribute_escape( $user->first_name);
$user->last_name = attribute_escape( $user->last_name);
$user->display_name = attribute_escape( $user->display_name);
$user->nickname = attribute_escape( $user->nickname);
$user->aim = attribute_escape( $user->aim);
$user->yim = attribute_escape( $user->yim);
$user->jabber = attribute_escape( $user->jabber);
$user->description = wp_specialchars( $user->description );
return $user;
@ -527,13 +527,13 @@ function edit_user( $user_id = 0 ) {
function get_link_to_edit( $link_id ) {
$link = get_link( $link_id );
$link->link_url = wp_specialchars( $link->link_url, 1 );
$link->link_name = wp_specialchars( $link->link_name, 1 );
$link->link_image = wp_specialchars( $link->link_image, 1 );
$link->link_description = wp_specialchars( $link->link_description, 1 );
$link->link_url = attribute_escape( $link->link_url);
$link->link_name = attribute_escape( $link->link_name);
$link->link_image = attribute_escape( $link->link_image);
$link->link_description = attribute_escape( $link->link_description);
$link->link_notes = wp_specialchars( $link->link_notes );
$link->link_rss = wp_specialchars( $link->link_rss, 1 );
$link->link_rel = wp_specialchars( $link->link_rel, 1 );
$link->link_rss = attribute_escape( $link->link_rss);
$link->link_rel = attribute_escape( $link->link_rel);
$link->post_category = $link->link_category;
return $link;
@ -541,12 +541,12 @@ function get_link_to_edit( $link_id ) {
function get_default_link_to_edit() {
if ( isset( $_GET['linkurl'] ) )
$link->link_url = wp_specialchars( $_GET['linkurl'], 1 );
$link->link_url = attribute_escape( $_GET['linkurl']);
else
$link->link_url = '';
if ( isset( $_GET['name'] ) )
$link->link_name = wp_specialchars( $_GET['name'], 1 );
$link->link_name = attribute_escape( $_GET['name']);
else
$link->link_name = '';
@ -831,7 +831,7 @@ function user_row( $user_object, $style = '' ) {
}
$r .= "</td>\n\t\t<td>";
if ( current_user_can( 'edit_user', $user_object->ID ) ) {
$edit_link = wp_specialchars( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ) );
$edit_link = attribute_escape( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), "user-edit.php?user_id=$user_object->ID" ));
$r .= "<a href='$edit_link' class='edit'>".__( 'Edit' )."</a>";
}
$r .= "</td>\n\t</tr>";
@ -911,8 +911,8 @@ function list_meta( $meta ) {
}
$key_js = js_escape( $entry['meta_key'] );
$entry['meta_key'] = wp_specialchars( $entry['meta_key'], true );
$entry['meta_value'] = wp_specialchars( $entry['meta_value'], true );
$entry['meta_key'] = attribute_escape( $entry['meta_key']);
$entry['meta_value'] = attribute_escape( $entry['meta_value']);
$r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>";
$r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>";
$r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>";
@ -965,7 +965,7 @@ function meta_form() {
<?php
foreach ( $keys as $key ) {
$key = wp_specialchars( $key, 1 );
$key = attribute_escape( $key);
echo "\n\t<option value='$key'>$key</option>";
}
?>
@ -1992,7 +1992,7 @@ function wp_reset_vars( $vars ) {
function wp_remember_old_slug() {
global $post;
$name = wp_specialchars($post->post_name); // just in case
$name = attribute_escape($post->post_name); // just in case
if ( strlen($name) )
echo '<input type="hidden" id="wp-old-slug" name="wp-old-slug" value="' . $name . '" />';
}

2
wp-admin/bookmarklet.php
View File

@ -37,7 +37,7 @@ else
$content = wp_specialchars($_REQUEST['content']);
$popupurl = wp_specialchars($_REQUEST['popupurl']);
$popupurl = attribute_escape($_REQUEST['popupurl']);
if ( !empty($content) ) {
$post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) );
} else {

6
wp-admin/edit-category-form.php
View File

@ -26,11 +26,11 @@ if ( ! empty($cat_ID) ) {
<table class="editform" width="100%" cellspacing="2" cellpadding="5">
<tr>
<th width="33%" scope="row" valign="top"><label for="cat_name"><?php _e('Category name:') ?></label></th>
<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo wp_specialchars($category->cat_name); ?>" size="40" /></td>
<td width="67%"><input name="cat_name" id="cat_name" type="text" value="<?php echo attribute_escape($category->cat_name); ?>" size="40" /></td>
</tr>
<tr>
<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category slug:') ?></label></th>
<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo wp_specialchars($category->category_nicename); ?>" size="40" /></td>
<td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attribute_escape($category->category_nicename); ?>" size="40" /></td>
</tr>
<tr>
<th scope="row" valign="top"><label for="category_parent"><?php _e('Category parent:') ?></label></th>
@ -40,7 +40,7 @@ if ( ! empty($cat_ID) ) {
</tr>
<tr>
<th scope="row" valign="top"><label for="category_description"><?php _e('Description: (optional)') ?></label></th>
<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description, 1); ?></textarea></td>
<td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description); ?></textarea></td>
</tr>
</table>
<p class="submit"><input type="submit" name="submit" value="<?php echo $submit_text ?>" /></p>

4
wp-admin/edit-comments.php
View File

@ -7,7 +7,7 @@ wp_enqueue_script( 'admin-comments' );
require_once('admin-header.php');
if (empty($_GET['mode'])) $mode = 'view';
else $mode = wp_specialchars($_GET['mode'], 1);
else $mode = attribute_escape($_GET['mode']);
?>
<script type="text/javascript">
@ -42,7 +42,7 @@ function getNumChecked(form)
<form name="searchform" action="" method="get" id="editcomments">
<fieldset>
<legend><?php _e('Show Comments That Contain...') ?></legend>
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
<input type="submit" name="submit" value="<?php _e('Search') ?>" />
<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
<?php _e('(Searches within comment text, e-mail, URL, and IP address.)') ?>

4
wp-admin/edit-form-advanced.php
View File

@ -168,11 +168,11 @@ if ('publish' != $post->post_status || 0 == $post_ID) {
?>
<input name="referredby" type="hidden" id="referredby" value="<?php
if ( !empty($_REQUEST['popupurl']) )
echo wp_specialchars($_REQUEST['popupurl']);
echo attribute_escape(stripslashes($_REQUEST['popupurl']));
else if ( url_to_postid(wp_get_referer()) == $post_ID )
echo 'redo';
else
echo wp_specialchars(wp_get_referer());
echo attribute_escape(stripslashes(wp_get_referer()));
?>" /></p>
<?php do_action('edit_form_advanced'); ?>

2
wp-admin/edit-link-form.php
View File

@ -247,7 +247,7 @@ function xfn_check($class, $value = '', $type = 'check') {
<?php if ( $link_id ) : ?>
<input type="hidden" name="action" value="save" />
<input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" />
<input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
<?php else: ?>
<input type="hidden" name="action" value="add" />

4
wp-admin/edit-page-form.php
View File

@ -13,12 +13,10 @@ if (0 == $post_ID) {
$form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
}
$sendto = wp_get_referer();
$sendto = attribute_escape(stripslashes(wp_get_referer()));
if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
$sendto = 'redo';
$sendto = wp_specialchars( $sendto );
?>
<form name="post" action="page.php" method="post" id="post">

2
wp-admin/edit-pages.php
View File

@ -13,7 +13,7 @@ require_once('admin-header.php');
<form name="searchform" action="" method="get">
<fieldset>
<legend><?php _e('Search Pages&hellip;') ?></legend>
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
<input type="submit" name="submit" value="<?php _e('Search') ?>" />
</fieldset>
</form>

2
wp-admin/edit.php
View File

@ -76,7 +76,7 @@ if ( is_month() ) {
<form name="searchform" id="searchform" action="" method="get">
<fieldset>
<legend><?php _e('Search Posts&hellip;') ?></legend>
<input type="text" name="s" value="<?php if (isset($s)) echo wp_specialchars($s, 1); ?>" size="17" />
<input type="text" name="s" value="<?php if (isset($s)) echo attribute_escape($s); ?>" size="17" />
<input type="submit" name="submit" value="<?php _e('Search') ?>" class="button" />
</fieldset>
</form>

6
wp-admin/link-manager.php
View File

@ -116,7 +116,7 @@ if ( $links ) {
<?php wp_nonce_field('bulk-bookmarks') ?>
<input type="hidden" name="link_id" value="" />
<input type="hidden" name="action" value="" />
<input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />
<input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" />
<input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" />
<table class="widefat">
<thead>
@ -130,9 +130,9 @@ if ( $links ) {
<tbody id="the-list">
<?php
foreach ($links as $link) {
$link->link_name = wp_specialchars($link->link_name);
$link->link_name = attribute_escape($link->link_name);
$link->link_description = wp_specialchars($link->link_description);
$link->link_url = wp_specialchars($link->link_url);
$link->link_url = attribute_escape($link->link_url);
$link->link_category = wp_get_link_cats($link->link_id);
$short_url = str_replace('http://', '', $link->link_url);
$short_url = str_replace('www.', '', $short_url);

2
wp-admin/options-misc.php
View File

@ -18,7 +18,7 @@ include('admin-header.php');
<table class="editform optiontable">
<tr valign="top">
<th scope="row"><?php _e('Store uploads in this folder'); ?>:</th>
<td><input name="upload_path" type="text" id="upload_path" class="code" value="<?php echo wp_specialchars(str_replace(ABSPATH, '', get_option('upload_path')), 1); ?>" size="40" />
<td><input name="upload_path" type="text" id="upload_path" class="code" value="<?php echo attribute_escape(str_replace(ABSPATH, '', get_option('upload_path'))); ?>" size="40" />
<br />
<?php _e('Default is <code>wp-content/uploads</code>'); ?>
</td>

4
wp-admin/options-permalink.php
View File

@ -149,7 +149,7 @@ checked="checked"
</label>
<br />
</p>
<p id="customstructure"><?php _e('Custom structure'); ?>: <input name="permalink_structure" id="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo wp_specialchars($permalink_structure, 1); ?>" size="50" /></p>
<p id="customstructure"><?php _e('Custom structure'); ?>: <input name="permalink_structure" id="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo attribute_escape($permalink_structure); ?>" size="50" /></p>
<h3><?php _e('Optional'); ?></h3>
<?php if ($is_apache) : ?>
@ -158,7 +158,7 @@ checked="checked"
<p><?php _e('If you like, you may enter a custom prefix for your category <abbr title="Universal Resource Locator">URL</abbr>s here. For example, <code>/index.php/taxonomy/tags</code> would make your category links like <code>http://example.org/index.php/taxonomy/tags/uncategorized/</code>. If you leave this blank the default will be used.') ?></p>
<?php endif; ?>
<p>
<?php _e('Category base'); ?>: <input name="category_base" type="text" class="code" value="<?php echo wp_specialchars($category_base, 1); ?>" size="30" />
<?php _e('Category base'); ?>: <input name="category_base" type="text" class="code" value="<?php echo attribute_escape($category_base); ?>" size="30" />
</p>
<p class="submit">
<input type="submit" name="submit" value="<?php _e('Update Permalink Structure &raquo;') ?>" />

2
wp-admin/options.php
View File

@ -158,7 +158,7 @@ endforeach;
?>
</table>
<?php $options_to_update = implode(',', $options_to_update); ?>
<p class="submit"><input type="hidden" name="page_options" value="<?php echo wp_specialchars($options_to_update, true); ?>" /><input type="submit" name="Update" value="<?php _e('Update Options &raquo;') ?>" /></p>
<p class="submit"><input type="hidden" name="page_options" value="<?php echo attribute_escape($options_to_update); ?>" /><input type="submit" name="Update" value="<?php _e('Update Options &raquo;') ?>" /></p>
</form>
</div>

2
wp-admin/page.php
View File

@ -57,7 +57,7 @@ case 'edit':
?>
<div id='preview' class='wrap'>
<h2 id="preview-post"><?php _e('Page Preview (updated when page is saved)'); ?></h2>
<iframe src="<?php echo wp_specialchars(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
<iframe src="<?php echo attribute_escape(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
</div>
<?php
break;

2
wp-admin/post.php
View File

@ -63,7 +63,7 @@ case 'edit':
?>
<div id='preview' class='wrap'>
<h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?></h2>
<iframe src="<?php echo wp_specialchars(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
<iframe src="<?php echo attribute_escape(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
</div>
<?php
break;

2
wp-admin/templates.php
View File

@ -98,7 +98,7 @@ if ( $recents ) :
<?php
echo '<ol>';
foreach ($recents as $recent) :
echo "<li><a href='templates.php?file=" . wp_specialchars($recent, true) . "'>" . get_file_description(basename($recent)) . "</a></li>";
echo "<li><a href='templates.php?file=" . attribute_escape($recent) . "'>" . get_file_description(basename($recent)) . "</a></li>";
endforeach;
echo '</ol>';
endif;

2
wp-admin/theme-editor.php
View File

@ -88,7 +88,7 @@ default:
$theme_name = $a_theme['Name'];
if ($theme_name == $theme) $selected = " selected='selected'";
else $selected = '';
$theme_name = wp_specialchars($theme_name, true);
$theme_name = attribute_escape($theme_name);
echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>";
}
?>

4
wp-admin/upgrade.php
View File

@ -28,7 +28,7 @@ else
<?php
switch($step) {
case 0:
$goback = wp_specialchars(wp_get_referer());
$goback = attribute_escape(stripslashes(wp_get_referer()));
?>
<p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p>
<h2 class="step"><a href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e('Upgrade WordPress &raquo;'); ?></a></h2>
@ -40,7 +40,7 @@ switch($step) {
if ( empty( $_GET['backto'] ) )
$backto = __get_option('home');
else
$backto = wp_specialchars( $_GET['backto'] , 1 );
$backto = attribute_escape(stripslashes($_GET['backto']));
?>
<h2><?php _e('Step 1'); ?></h2>
<p><?php printf(__("There's actually only one step. So if you see this, you're done. <a href='%s'>Have fun</a>!"), $backto); ?></p>

10
wp-admin/upload-functions.php
View File

@ -7,7 +7,7 @@ function wp_upload_display( $dims = false, $href = '' ) {
list($width,$height) = wp_shrink_dimensions($attachment_data['width'], $attachment_data['height'], 171, 128);
ob_start();
the_title();
$post_title = wp_specialchars( ob_get_contents(), 1 );
$post_title = attribute_escape( ob_get_contents());
ob_end_clean();
$post_content = apply_filters( 'content_edit_pre', $post->post_content );
@ -71,9 +71,9 @@ function wp_upload_view() {
echo '[&nbsp;';
echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
echo '&nbsp;|&nbsp;';
echo '<a href="' . wp_specialchars( add_query_arg( 'action', 'edit' ), 1 ) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
echo '<a href="' . attribute_escape( add_query_arg( 'action', 'edit' )) . '" title="' . __('Edit this file') . '">' . __('edit') . '</a>';
echo '&nbsp;|&nbsp;';
echo '<a href="' . wp_specialchars( remove_query_arg( array('action', 'ID') ), 1 ) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '<a href="' . attribute_escape( remove_query_arg( array('action', 'ID') )) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '&nbsp;]'; ?></span>
</div>
@ -111,9 +111,9 @@ function wp_upload_form() {
echo '[&nbsp;';
echo '<a href="' . get_permalink() . '">' . __('view') . '</a>';
echo '&nbsp;|&nbsp;';
echo '<a href="' . wp_specialchars( add_query_arg( 'action', 'view' ), 1 ) . '">' . __('links') . '</a>';
echo '<a href="' . attribute_escape( add_query_arg( 'action', 'view' )) . '">' . __('links') . '</a>';
echo '&nbsp;|&nbsp;';
echo '<a href="' . wp_specialchars( remove_query_arg( array('action','ID') ), 1 ) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '<a href="' . attribute_escape( remove_query_arg( array('action','ID') )) . '" title="' . __('Browse your files') . '">' . __('cancel') . '</a>';
echo '&nbsp;]'; ?></span>
</div>

44
wp-admin/upload-js.php
View File

@ -72,22 +72,22 @@ addLoadEvent( function() {
var params = $H(this.params);
params.ID = '';
params.action = '';
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='<?php echo wp_specialchars(__('Browse your files'), 1); ?>' class='back'><?php echo wp_specialchars(__('&laquo; Back'), 1); ?></a>";
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='<?php echo attribute_escape(__('Browse your files')); ?>' class='back'><?php echo attribute_escape(__('&laquo; Back')); ?></a>";
} else {
h += "<a href='#' onclick='return theFileList.cancelView();' title='<?php echo wp_specialchars(__('Browse your files'), 1); ?>' class='back'><?php echo wp_specialchars(__('&laquo; Back'), 1) ?></a>";
h += "<a href='#' onclick='return theFileList.cancelView();' title='<?php echo attribute_escape(__('Browse your files')); ?>' class='back'><?php echo attribute_escape(__('&laquo; Back')) ?></a>";
}
h += "<div id='file-title'>"
if ( !this.currentImage.isImage )
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo wp_specialchars(__('Direct link to file'), 1); ?>'>" + this.currentImage.title + "</a></h2>";
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo attribute_escape(__('Direct link to file')); ?>'>" + this.currentImage.title + "</a></h2>";
else
h += "<h2>" + this.currentImage.title + "</h2>";
h += " &#8212; <span>";
h += "<a href='#' onclick='return theFileList.editView(" + id + ");'><?php echo wp_specialchars(__('Edit'), 1); ?></a>"
h += "<a href='#' onclick='return theFileList.editView(" + id + ");'><?php echo attribute_escape(__('Edit')); ?></a>"
h += "</span>";
h += '</div>'
h += "<div id='upload-file-view' class='alignleft'>";
if ( this.currentImage.isImage ) {
h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo wp_specialchars(__('Direct link to file'), 1); ?>'>";
h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo attribute_escape(__('Direct link to file')); ?>'>";
h += "<img src='" + ( this.currentImage.thumb ? this.currentImage.thumb : this.currentImage.src ) + "' alt='" + this.currentImage.title + "' width='" + this.currentImage.width + "' height='" + this.currentImage.height + "' />";
h += "</a>";
} else
@ -97,20 +97,20 @@ addLoadEvent( function() {
h += "<form name='uploadoptions' id='uploadoptions' class='alignleft'>";
h += "<table>";
if ( this.currentImage.thumb ) {
h += "<tr><th style='padding-bottom:.5em'><?php echo wp_specialchars(__('Show:'), 1); ?></th><td style='padding-bottom:.5em'>";
h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo wp_specialchars(__('Thumbnail'), 1); ?></label><br />";
h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo wp_specialchars(__('Full size'), 1); ?></label>";
h += "<tr><th style='padding-bottom:.5em'><?php echo attribute_escape(__('Show:')); ?></th><td style='padding-bottom:.5em'>";
h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo attribute_escape(__('Thumbnail')); ?></label><br />";
h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo attribute_escape(__('Full size')); ?></label>";
h += "</td></tr>";
}
h += "<tr><th><?php echo wp_specialchars(__('Link to:'), 1); ?></th><td>";
h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo wp_specialchars(__('File'), 1); ?></label><br />";
h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo wp_specialchars(__('Page'), 1); ?></label><br />";
h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo wp_specialchars(__('None'), 1); ?></label>";
h += "<tr><th><?php echo attribute_escape(__('Link to:')); ?></th><td>";
h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo attribute_escape(__('File')); ?></label><br />";
h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo attribute_escape(__('Page')); ?></label><br />";
h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo attribute_escape(__('None')); ?></label>";
h += "</td></tr>";
h += "<tr><td colspan='2'><p class='submit'>";
h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo wp_specialchars(__('Send to editor &raquo;'), 1); ?>' />";
h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo attribute_escape(__('Send to editor &raquo;')); ?>' />";
h += "</p></td></tr></table>";
h += "</form>";
@ -134,17 +134,17 @@ addLoadEvent( function() {
var params = $H(this.params);
params.ID = '';
params.action = '';
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='<?php echo wp_specialchars(__('Browse your files'), 1); ?>' class='back'><?php echo wp_specialchars(__('&laquo; Back'), 1); ?></a>";
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='<?php echo attribute_escape(__('Browse your files')); ?>' class='back'><?php echo attribute_escape(__('&laquo; Back')); ?></a>";
} else {
h += "<a href='#' onclick='return theFileList.cancelView();' title='<?php echo wp_specialchars(__('Browse your files'), 1); ?>' class='back'><?php echo wp_specialchars(__('&laquo; Back'), 1); ?></a>";
h += "<a href='#' onclick='return theFileList.cancelView();' title='<?php echo attribute_escape(__('Browse your files')); ?>' class='back'><?php echo attribute_escape(__('&laquo; Back')); ?></a>";
}
h += "<div id='file-title'>"
if ( !this.currentImage.isImage )
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo wp_specialchars(__('Direct link to file'), 1); ?>'>" + this.currentImage.title + "</a></h2>";
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo attribute_escape(__('Direct link to file')); ?>'>" + this.currentImage.title + "</a></h2>";
else
h += "<h2>" + this.currentImage.title + "</h2>";
h += " &#8212; <span>";
h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'><?php wp_specialchars(__('Insert'), 1); ?></a>"
h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'><?php attribute_escape(__('Insert')); ?></a>"
h += "</span>";
h += '</div>'
h += "<div id='upload-file-view' class='alignleft'>";
@ -158,20 +158,20 @@ addLoadEvent( function() {
h += "<table><col /><col class='widefat' /><tr>"
h += "<th scope='row'><label for='url'><?php echo wp_specialchars(__('URL'), 1); ?></label></th>";
h += "<th scope='row'><label for='url'><?php echo attribute_escape(__('URL')); ?></label></th>";
h += "<td><input type='text' id='url' class='readonly' value='" + this.currentImage.srcBase + this.currentImage.src + "' readonly='readonly' /></td>";
h += "</tr><tr>";
h += "<th scope='row'><label for='post_title'><?php echo wp_specialchars(__('Title'), 1); ?></label></th>";
h += "<th scope='row'><label for='post_title'><?php echo attribute_escape(__('Title')); ?></label></th>";
h += "<td><input type='text' id='post_title' name='post_title' value='" + this.currentImage.title + "' /></td>";
h += "</tr><tr>";
h += "<th scope='row'><label for='post_content'><?php echo wp_specialchars(__('Description'), 1); ?></label></th>";
h += "<th scope='row'><label for='post_content'><?php echo attribute_escape(__('Description')); ?></label></th>";
h += "<td><textarea name='post_content' id='post_content'>" + this.currentImage.description + "</textarea></td>";
h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='<?php echo wp_specialchars(__('Delete File'), 1); ?>' onclick='theFileList.deleteFile(" + id + ");' />";
h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='<?php echo attribute_escape(__('Delete File')); ?>' onclick='theFileList.deleteFile(" + id + ");' />";
h += "<input type='hidden' name='from_tab' value='" + this.tab + "' />";
h += "<input type='hidden' name='action' id='action-value' value='save' />";
h += "<input type='hidden' name='ID' value='" + id + "' />";
h += "<input type='hidden' name='_wpnonce' value='" + this.nonce + "' />";
h += "<div class='submit'><input type='submit' value='<?php echo wp_specialchars(__('Save &raquo;'), 1); ?>' /></div>";
h += "<div class='submit'><input type='submit' value='<?php echo attribute_escape(__('Save &raquo;')); ?>' /></div>";
h += "</td></tr></table></form>";
new Insertion.Top('upload-content', h);

2
wp-admin/upload.php
View File

@ -87,7 +87,7 @@ foreach ( $wp_upload_tabs as $t => $tab_array ) { // We've already done the curr
$href = add_query_arg( array('tab' => $t, 'ID' => '', 'action' => '', 'paged' => '') );
if ( isset($tab_array[4]) && is_array($tab_array[4]) )
add_query_arg( $tab_array[4], $href );
$_href = wp_specialchars( $href, 1 );
$_href = attribute_escape( $href);
$page_links = '';
$class = 'upload-tab alignleft';
if ( $tab == $t ) {

2
wp-admin/user-edit.php
View File

@ -55,7 +55,7 @@ include ('admin-header.php');
<div id="message" class="updated fade">
<p><strong><?php _e('User updated.') ?></strong></p>
<?php if ( $wp_http_referer ) : ?>
<p><a href="<?php echo wp_specialchars($wp_http_referer); ?>"><?php _e('&laquo; Back to Authors and Users'); ?></a></p>
<p><a href="<?php echo attribute_escape($wp_http_referer); ?>"><?php _e('&laquo; Back to Authors and Users'); ?></a></p>
<?php endif; ?>
</div>
<?php endif; ?>

8
wp-admin/users.php
View File

@ -12,10 +12,10 @@ $action = $_REQUEST['action'];
$update = '';
if ( empty($_POST) ) {
$referer = '<input type="hidden" name="wp_http_referer" value="'. wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
$referer = '<input type="hidden" name="wp_http_referer" value="'. attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
} elseif ( isset($_POST['wp_http_referer']) ) {
$redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_POST['wp_http_referer']));
$referer = '<input type="hidden" name="wp_http_referer" value="' . wp_specialchars($redirect) . '" />';
$referer = '<input type="hidden" name="wp_http_referer" value="' . attribute_escape($redirect) . '" />';
} else {
$redirect = 'users.php';
}
@ -338,7 +338,7 @@ default:
<?php endif; ?>
<form action="" method="get" name="search" id="search">
<p><input type="text" name="usersearch" id="usersearch" value="<?php echo wp_specialchars($wp_user_search->search_term, 1); ?>" /> <input type="submit" value="<?php _e('Search users &raquo;'); ?>" class="button" /></p>
<p><input type="text" name="usersearch" id="usersearch" value="<?php echo attribute_escape($wp_user_search->search_term); ?>" /> <input type="submit" value="<?php _e('Search users &raquo;'); ?>" class="button" /></p>
</form>
<?php if ( is_wp_error( $wp_user_search->search_errors ) ) : ?>
@ -429,7 +429,7 @@ foreach ( (array) $roleclass as $user_object ) {
if ( is_wp_error($add_user_errors) ) {
foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
$var = 'new_' . $var;
$$var = wp_specialchars(stripslashes($_POST[$formpost]));
$$var = attribute_escape(stripslashes($_POST[$formpost]));
}
unset($name);
}

2
wp-content/themes/classic/comments-popup.php
View File

@ -60,7 +60,7 @@ if (!empty($commentstatus->post_password) && $_COOKIE['wp-postpass_'. COOKIEHASH
<input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
<label for="author"><?php _e("Name"); ?></label>
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
<input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($_SERVER["REQUEST_URI"]); ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" />
</p>
<p>

2
wp-content/themes/default/comments-popup.php
View File

@ -60,7 +60,7 @@ if (!empty($post->post_password) && $_COOKIE['wp-postpass_'. COOKIEHASH] != $pos
<input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
<label for="author">Name</label>
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
<input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($_SERVER["REQUEST_URI"]); ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" />
</p>
<p>

4
wp-includes/author-template.php
View File

@ -139,7 +139,7 @@ function the_author_posts() {
function the_author_posts_link($deprecated = '') {
global $authordata;
echo '<a href="' . get_author_posts_url($authordata->ID, $authordata->user_nicename) . '" title="' . sprintf(__("Posts by %s"), wp_specialchars(get_the_author())) . '">' . get_the_author() . '</a>';
echo '<a href="' . get_author_posts_url($authordata->ID, $authordata->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attribute_escape(get_the_author())) . '">' . get_the_author() . '</a>';
}
function get_author_posts_url($author_id, $author_nicename = '') {
@ -202,7 +202,7 @@ function wp_list_authors($args = '') {
if ( !$hide_empty )
$link = $name;
} else {
$link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), wp_specialchars($author->display_name)) . '">' . $name . '</a>';
$link = '<a href="' . get_author_posts_url($author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attribute_escape($author->display_name)) . '">' . $name . '</a>';
if ( (! empty($feed_image)) || (! empty($feed)) ) {
$link .= ' ';

8
wp-includes/bookmark-template.php
View File

@ -101,8 +101,8 @@ function get_links($category = -1,
if ( '' != $rel )
$rel = ' rel="' . $rel . '"';
$desc = wp_specialchars($row->link_description, ENT_QUOTES);
$name = wp_specialchars($row->link_name, ENT_QUOTES);
$desc = attribute_escape($row->link_description);
$name = attribute_escape($row->link_name);
$title = $desc;
if ( $show_updated )
@ -266,8 +266,8 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
if ( '' != $rel )
$rel = ' rel="' . $rel . '"';
$desc = wp_specialchars($bookmark->link_description, ENT_QUOTES);
$name = wp_specialchars($bookmark->link_name, ENT_QUOTES);
$desc = attribute_escape($bookmark->link_description);
$name = attribute_escape($bookmark->link_name);
$title = $desc;
if ( $show_updated )

6
wp-includes/classes.php
View File

@ -509,7 +509,7 @@ class Walker_Page extends Walker {
elseif ( $_current_page && $page->ID == $_current_page->post_parent )
$css_class .= ' current_page_parent';
$output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . wp_specialchars($page->post_title, 1) . '">' . $page->post_title . '</a>';
$output .= $indent . '<li class="' . $css_class . '"><a href="' . get_page_link($page->ID) . '" title="' . attribute_escape($page->post_title) . '">' . $page->post_title . '</a>';
if ( !empty($show_date) ) {
if ( 'modified' == $show_date )
@ -575,12 +575,12 @@ class Walker_Category extends Walker {
function start_el($output, $category, $depth, $args) {
extract($args);
$cat_name = wp_specialchars( $category->cat_name, 1 );
$cat_name = attribute_escape( $category->cat_name);
$link = '<a href="' . get_category_link( $category->cat_ID ) . '" ';
if ( $use_desc_for_title == 0 || empty($category->category_description) )
$link .= 'title="' . sprintf(__( 'View all posts filed under %s' ), $cat_name) . '"';
else
$link .= 'title="' . wp_specialchars( apply_filters( 'category_description', $category->category_description, $category ), 1 ) . '"';
$link .= 'title="' . attribute_escape( apply_filters( 'category_description', $category->category_description, $category )) . '"';
$link .= '>';
$link .= apply_filters( 'list_cats', $category->cat_name, $category ).'</a>';

2
wp-includes/comment-template.php
View File

@ -353,7 +353,7 @@ function comments_popup_link($zero='No Comments', $one='1 Comment', $more='% Com
if (!empty($CSSclass)) {
echo ' class="'.$CSSclass.'"';
}
$title = wp_specialchars(apply_filters('the_title', get_the_title()), true);
$title = attribute_escape(apply_filters('the_title', get_the_title()));
echo ' title="' . sprintf( __('Comment on %s'), $title ) .'">';
comments_number($zero, $one, $more, $number);
echo '</a>';

6
wp-includes/comment.php
View File

@ -155,21 +155,21 @@ function sanitize_comment_cookies() {
if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
$comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
$comment_author = stripslashes($comment_author);
$comment_author = wp_specialchars($comment_author, true);
$comment_author = attribute_escape($comment_author);
$_COOKIE['comment_author_'.COOKIEHASH] = $comment_author;
}
if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
$comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
$comment_author_email = stripslashes($comment_author_email);
$comment_author_email = wp_specialchars($comment_author_email, true);
$comment_author_email = attribute_escape($comment_author_email);
$_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email;
}
if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
$comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
$comment_author_url = stripslashes($comment_author_url);
$comment_author_url = wp_specialchars($comment_author_url, true);
$comment_author_url = attribute_escape($comment_author_url);
$_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url;
}
}

5
wp-includes/formatting.php
View File

@ -1081,6 +1081,11 @@ function js_escape($text) {
return preg_replace("/\r?\n/", "\\n", addslashes($text));
}
// Escaping for HTML attributes like
function attribute_escape($text) {
return wp_specialchars($text, true);
}
function wp_make_link_relative( $link ) {
return preg_replace('|https?://[^/]+(/.*)|i', '$1', $link );
}

10
wp-includes/functions.php
View File

@ -231,7 +231,7 @@ function get_option($setting) {
}
function form_option($option) {
echo wp_specialchars( get_option($option), 1 );
echo attribute_escape( get_option($option));
}
function get_alloptions() {
@ -914,16 +914,16 @@ function wp_nonce_field($action = -1) {
}
function wp_referer_field() {
$ref = wp_specialchars($_SERVER['REQUEST_URI']);
$ref = attribute_escape($_SERVER['REQUEST_URI']);
echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />';
if ( wp_get_original_referer() ) {
$original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));
$original_ref = attribute_escape(stripslashes(wp_get_original_referer()));
echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />';
}
}
function wp_original_referer_field() {
echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
}
function wp_get_referer() {
@ -1190,7 +1190,7 @@ function wp_nonce_ays($action) {
foreach ( (array) $q as $a ) {
$v = substr(strstr($a, '='), 1);
$k = substr($a, 0, -(strlen($v)+1));
$html .= "\t\t<input type='hidden' name='" . wp_specialchars( urldecode($k), 1 ) . "' value='" . wp_specialchars( urldecode($v), 1 ) . "' />\n";
$html .= "\t\t<input type='hidden' name='" . attribute_escape( urldecode($k)) . "' value='" . attribute_escape( urldecode($v)) . "' />\n";
}
$html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n";
$html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_explain_nonce($action) . "</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n";

10
wp-includes/general-template.php
View File

@ -279,7 +279,7 @@ function single_month_title($prefix = '', $display = true ) {
/* link navigation hack by Orien http://icecode.com/ */
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
$text = wptexturize($text);
$title_text = wp_specialchars($text, 1);
$title_text = attribute_escape($text);
if ('link' == $format)
return "\t<link rel='archives' title='$title_text' href='$url' />\n";
@ -901,7 +901,7 @@ function the_editor($content, $id = 'content', $prev_id = 'title') {
function the_search_query() {
global $s;
echo wp_specialchars( stripslashes($s), 1 );
echo attribute_escape( stripslashes($s));
}
function language_attributes() {
@ -956,7 +956,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current - 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='prev page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$prev_text</a>";
$page_links[] = "<a class='prev page-numbers' href='" . attribute_escape( $link) . "'>$prev_text</a>";
endif;
for ( $n = 1; $n <= $total; $n++ ) :
if ( $n == $current ) :
@ -968,7 +968,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $n, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$n</a>";
$page_links[] = "<a class='page-numbers' href='" . attribute_escape( $link) . "'>$n</a>";
$dots = true;
elseif ( $dots && !$show_all ) :
$page_links[] = "<span class='page-numbers dots'>...</span>";
@ -981,7 +981,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current + 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='next page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$next_text</a>";
$page_links[] = "<a class='next page-numbers' href='" . attribute_escape( $link) . "'>$next_text</a>";
endif;
switch ( $type ) :
case 'array' :

6
wp-includes/post-template.php
View File

@ -334,7 +334,7 @@ function get_the_attachment_link($id = 0, $fullsize = false, $max_dims = false)
if ( ('attachment' != $_post->post_type) || ('' == $_post->guid) )
return __('Missing Attachment');
$post_title = wp_specialchars( $_post->post_title, 1 );
$post_title = attribute_escape( $_post->post_title);
if (! empty($_post->guid) ) {
$innerHTML = get_attachment_innerHTML($_post->ID, $fullsize, $max_dims);
@ -420,7 +420,7 @@ function get_attachment_icon($id = 0, $fullsize = false, $max_dims = false) {
}
}
$post_title = wp_specialchars( $post->post_title, 1 );
$post_title = attribute_escape( $post->post_title);
$icon = "<img src='$src' title='$post_title' alt='$post_title' $constraint/>";
@ -435,7 +435,7 @@ function get_attachment_innerHTML($id = 0, $fullsize = false, $max_dims = false)
$post = & get_post($id);
$innerHTML = wp_specialchars( $post->post_title, 1 );
$innerHTML = attribute_escape( $post->post_title);
return apply_filters('attachment_innerHTML', $innerHTML, $post->ID);
}

4
wp-links-opml.php
View File

@ -30,13 +30,13 @@ else
foreach ((array) $cats as $cat) {
?>
<outline type="category" title="<?php echo wp_specialchars($cat->cat_name); ?>">
<outline type="category" title="<?php echo attribute_escape($cat->cat_name); ?>">
<?php
$bookmarks = get_bookmarks("category={$cat->cat_ID}");
foreach ((array) $bookmarks as $bookmark) {
?>
<outline text="<?php echo wp_specialchars($bookmark->link_name); ?>" type="link" xmlUrl="<?php echo wp_specialchars($bookmark->link_rss); ?>" htmlUrl="<?php echo wp_specialchars($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated; ?>" />
<outline text="<?php echo attribute_escape($bookmark->link_name); ?>" type="link" xmlUrl="<?php echo attribute_escape($bookmark->link_rss); ?>" htmlUrl="<?php echo attribute_escape($bookmark->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $bookmark->link_updated) echo $bookmark->link_updated; ?>" />
<?php
}

12
wp-login.php
View File

@ -138,11 +138,11 @@ case 'retrievepassword' :
<form name="lostpasswordform" id="lostpasswordform" action="wp-login.php?action=lostpassword" method="post">
<p>
<label><?php _e('Username:') ?><br />
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($_POST['user_login']), 1); ?>" size="20" tabindex="10" /></label>
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($_POST['user_login'])); ?>" size="20" tabindex="10" /></label>
</p>
<p>
<label><?php _e('E-mail:') ?><br />
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo wp_specialchars(stripslashes($_POST['user_email']), 1); ?>" size="25" tabindex="20" /></label>
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo attribute_escape(stripslashes($_POST['user_email'])); ?>" size="25" tabindex="20" /></label>
</p>
<?php do_action('lostpassword_form'); ?>
<p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Get New Password &raquo;'); ?>" tabindex="100" /></p>
@ -257,11 +257,11 @@ case 'register' :
<form name="registerform" id="registerform" action="wp-login.php?action=register" method="post">
<p>
<label><?php _e('Username:') ?><br />
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="10" /></label>
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
</p>
<p>
<label><?php _e('E-mail:') ?><br />
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo wp_specialchars(stripslashes($user_email), 1); ?>" size="25" tabindex="20" /></label>
<input type="text" name="user_email" id="user_email" class="input" value="<?php echo attribute_escape(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>
</p>
<?php do_action('register_form'); ?>
<p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p>
@ -344,7 +344,7 @@ default:
<form name="loginform" id="loginform" action="wp-login.php" method="post">
<p>
<label><?php _e('Username:') ?><br />
<input type="text" name="log" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="10" /></label>
<input type="text" name="log" id="user_login" class="input" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>
</p>
<p>
<label><?php _e('Password:') ?><br />
@ -354,7 +354,7 @@ default:
<p><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _e('Remember me'); ?></label></p>
<p class="submit">
<input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> &raquo;" tabindex="100" />
<input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" />
</p>
</form>
</div>