mirror of
https://github.com/WordPress/WordPress.git
synced 2024-09-28 07:07:38 +02:00
Sanitize output of previous_posts() and next_posts(). Props Alex Concha for the report.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
0e0362a7a4
commit
b3268bdec9
@ -378,7 +378,7 @@ function next_post($format='%', $next='next post: ', $title='yes', $in_same_cat=
|
||||
function get_pagenum_link($pagenum = 1) {
|
||||
global $wp_rewrite;
|
||||
|
||||
$qstr = wp_specialchars($_SERVER['REQUEST_URI']);
|
||||
$qstr = $_SERVER['REQUEST_URI'];
|
||||
|
||||
$page_querystring = "paged";
|
||||
$page_modstring = "page/";
|
||||
@ -445,7 +445,7 @@ function get_pagenum_link($pagenum = 1) {
|
||||
return $qstr;
|
||||
}
|
||||
|
||||
function next_posts($max_page = 0) { // original by cfactor at cooltux.org
|
||||
function get_next_posts_page_link($max_page = 0) {
|
||||
global $paged, $pagenow;
|
||||
|
||||
if ( !is_single() ) {
|
||||
@ -453,10 +453,14 @@ function next_posts($max_page = 0) { // original by cfactor at cooltux.org
|
||||
$paged = 1;
|
||||
$nextpage = intval($paged) + 1;
|
||||
if ( !$max_page || $max_page >= $nextpage )
|
||||
echo get_pagenum_link($nextpage);
|
||||
return get_pagenum_link($nextpage);
|
||||
}
|
||||
}
|
||||
|
||||
function next_posts($max_page = 0) {
|
||||
echo attribute_escape(get_next_posts_page_link($max_page));
|
||||
}
|
||||
|
||||
function next_posts_link($label='Next Page »', $max_page=0) {
|
||||
global $paged, $result, $request, $posts_per_page, $wpdb, $max_num_pages;
|
||||
if ( !$max_page ) {
|
||||
@ -479,18 +483,20 @@ function next_posts_link($label='Next Page »', $max_page=0) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function previous_posts() { // original by cfactor at cooltux.org
|
||||
function get_previous_posts_page_link() {
|
||||
global $paged, $pagenow;
|
||||
|
||||
if ( !is_single() ) {
|
||||
$nextpage = intval($paged) - 1;
|
||||
if ( $nextpage < 1 )
|
||||
$nextpage = 1;
|
||||
echo get_pagenum_link($nextpage);
|
||||
return get_pagenum_link($nextpage);
|
||||
}
|
||||
}
|
||||
|
||||
function previous_posts() {
|
||||
echo attribute_escape(get_previous_posts_page_link());
|
||||
}
|
||||
|
||||
function previous_posts_link($label='« Previous Page') {
|
||||
global $paged;
|
||||
|
Loading…
Reference in New Issue
Block a user