Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

link_notes and term_description escaping fixes. Props garyc40. fixes #15454 

git-svn-id: http://svn.automattic.com/wordpress/trunk@17146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2010-12-25 22:45:09 +00:00
parent c99f4a9929
commit c626339cca
2 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wp-includes/bookmark.php
View File

@ -334,11 +334,10 @@ function sanitize_bookmark_field($field, $value, $bookmark_id, $context) {
return $value;
if ( 'edit' == $context ) {
$format_to_edit = array('link_notes');
$value = apply_filters("edit_$field", $value, $bookmark_id);
if ( in_array($field, $format_to_edit) ) {
$value = format_to_edit($value);
if ( 'link_notes' == $field ) {
$value = esc_html( $value ); // textarea_escaped
} else {
$value = esc_attr($value);
}

2
wp-includes/taxonomy.php
View File

@ -1521,7 +1521,7 @@ function sanitize_term_field($field, $value, $term_id, $taxonomy, $context) {
$value = apply_filters("edit_term_{$field}", $value, $term_id, $taxonomy);
$value = apply_filters("edit_{$taxonomy}_{$field}", $value, $term_id);
if ( 'description' == $field )
$value = format_to_edit($value);
$value = esc_html($value); // textarea_escaped
else
$value = esc_attr($value);
} else if ( 'db' == $context ) {