Fix for bug 0000091: fixed encoding of special chars.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
jverber 2004-06-19 03:57:57 +00:00
parent 363ea80470
commit 82ae8fb211
2 changed files with 3 additions and 1 deletions

View File

@ -113,6 +113,7 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) {
if ($categories) { if ($categories) {
foreach ($categories as $category) { foreach ($categories as $category) {
if ($category->category_parent == $parent) { if ($category->category_parent == $parent) {
$category->cat_name = htmlspecialchars($category->cat_name);
$count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID"); $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
$pad = str_repeat('— ', $level); $pad = str_repeat('— ', $level);
@ -139,6 +140,7 @@ function wp_dropdown_cats($currentcat, $currentparent = 0, $parent = 0, $level =
foreach ($categories as $category) { if ($currentcat != $category->cat_ID && $parent == $category->category_parent) { foreach ($categories as $category) { if ($currentcat != $category->cat_ID && $parent == $category->category_parent) {
$count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID"); $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID");
$pad = str_repeat('– ', $level); $pad = str_repeat('– ', $level);
$category->cat_name = htmlspecialchars($category->cat_name);
echo "\n\t<option value='$category->cat_ID'"; echo "\n\t<option value='$category->cat_ID'";
if ($currentparent == $category->cat_ID) if ($currentparent == $category->cat_ID)
echo " selected='selected'"; echo " selected='selected'";

View File

@ -98,7 +98,7 @@ case 'edit':
<input type="hidden" name="action" value="editedcat" /> <input type="hidden" name="action" value="editedcat" />
<input type="hidden" name="cat_ID" value="<?php echo $_GET['cat_ID'] ?>" /> <input type="hidden" name="cat_ID" value="<?php echo $_GET['cat_ID'] ?>" />
<p><?php _e('Category name:') ?><br /> <p><?php _e('Category name:') ?><br />
<input type="text" name="cat_name" value="<?php echo $cat_name; ?>" /></p> <input type="text" name="cat_name" value="<?php echo htmlspecialchars($cat_name); ?>" /></p>
<p><?php _e('Category parent:') ?><br /> <p><?php _e('Category parent:') ?><br />
<select name='cat' class='postform'> <select name='cat' class='postform'>
<option value='0'<?php if (!$category->category_parent) echo " selected='selected'"; ?>><?php _e('None') ?></option> <option value='0'<?php if (!$category->category_parent) echo " selected='selected'"; ?>><?php _e('None') ?></option>