Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use js_escape. Props nbachiyski. fixes #3399 

git-svn-id: http://svn.automattic.com/wordpress/trunk@4535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2006-11-28 21:51:13 +00:00
parent 950ad14094
commit cc44db510d
15 changed files with 61 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/cat-js.php
View File

@ -8,7 +8,7 @@ function newCatAddIn() {
var jaxcat = $('jaxcat');
if ( !jaxcat )
return false;
jaxcat.update('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="<?php _e('Add'); ?>"/><span id="howto"><?php _e('Separate multiple categories with commas.'); ?></span></span>');
jaxcat.update('<span id="ajaxcat"><input type="text" name="newcat" id="newcat" size="16" autocomplete="off"/><input type="button" name="Button" id="catadd" value="<?php echo js_escape(__('Add')); ?>"/><span id="howto"><?php js_escape(__('Separate multiple categories with commas.')); ?></span></span>');
$('newcat').onkeypress = function(e) { return killSubmit("catList.ajaxAdder('category','jaxcat');", e); };
$('catadd').onclick = function() { catList.ajaxAdder('category', 'jaxcat'); };
}

18
wp-admin/comment.php
View File

@ -18,7 +18,7 @@ case 'editcomment':
$comment = (int) $_GET['c'];
if ( ! $comment = get_comment($comment) )
wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'javascript:history.go(-1)'));
wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'javascript:history.go(-1)'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
wp_die( __('You are not allowed to edit comments on this post.') );
@ -40,7 +40,7 @@ case 'mac':
$nonce_action .= $comment;
if ( ! $comment = get_comment($comment) )
wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
wp_die( 'cdc' == $action ? __('You are not allowed to delete comments on this post.') : __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
@ -49,11 +49,11 @@ case 'mac':
<div class="narrow">
<?php if ( 'spam' == $_GET['dt'] ) { ?>
<p><?php _e('<strong>Caution:</strong> You are about to mark the following comment as spam:'); ?></p>
<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to mark the following comment as spam:'); ?></p>
<?php } elseif ( 'cdc' == $action ) { ?>
<p><?php _e('<strong>Caution:</strong> You are about to delete the following comment:'); ?></p>
<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to delete the following comment:'); ?></p>
<?php } else { ?>
<p><?php _e('<strong>Caution:</strong> You are about to approve the following comment:'); ?></p>
<p><?php echo '<strong>'.__('Caution:').'</strong> '.__('You are about to approve the following comment:'); ?></p>
<?php } ?>
<p><?php _e('Are you sure you want to do that?'); ?></p>
@ -116,7 +116,7 @@ case 'deletecomment':
}
if ( ! $comment = get_comment($comment) )
wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit-comments.php'));
wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit-comments.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
wp_die( __('You are not allowed to edit comments on this post.') );
@ -145,7 +145,7 @@ case 'unapprovecomment':
}
if ( ! $comment = get_comment($comment) )
wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
wp_die( __('You are not allowed to edit comments on this post, so you cannot disapprove this comment.') );
@ -171,7 +171,7 @@ case 'approvecomment':
}
if ( ! $comment = get_comment($comment) )
wp_die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
wp_die(__('Oops, no comment with this ID.').sprintf(' <a href="%s">'.__('Go back').'</a>!', 'edit.php'));
if ( !current_user_can('edit_post', $comment->comment_post_ID) )
wp_die( __('You are not allowed to edit comments on this post, so you cannot approve this comment.') );
@ -210,4 +210,4 @@ default:
include('admin-footer.php');
?>
?>

24
wp-admin/dbx-admin-key-js.php
View File

@ -32,12 +32,12 @@ addLoadEvent( function()
'10', // animate re-ordering [frames per transition, or '0' for no effect]
'yes', // include open/close toggle buttons ['yes'|'no']
'closed', // default state ['open'|'closed']
'open', // word for "open", as in "open this box"
'close', // word for "close", as in "close this box"
'click-down and drag to move this box', // sentence for "move this box" by mouse
'click to %toggle% this box', // pattern-match sentence for "(open|close) this box" by mouse
'use the arrow keys to move this box', // sentence for "move this box" by keyboard
', or press the enter key to %toggle% it', // pattern-match sentence-fragment for "(open|close) this box" by keyboard
'<?php echo js_escape(__('open')); ?>', // word for "open", as in "open this box"
'<?php echo js_escape(__('close')); ?>', // word for "close", as in "close this box"
'<?php echo js_escape(__('click-down and drag to move this box')); ?>', // sentence for "move this box" by mouse
'<?php echo js_escape(__('click to %toggle% this box')); ?>', // pattern-match sentence for "(open|close) this box" by mouse
'<?php echo js_escape(__('use the arrow keys to move this box')); ?>', // sentence for "move this box" by keyboard
'<?php echo js_escape(__(', or press the enter key to %toggle% it')); ?>', // pattern-match sentence-fragment for "(open|close) this box" by keyboard
'%mytitle% [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
);
@ -57,12 +57,12 @@ addLoadEvent( function()
'10', // animate re-ordering [frames per transition, or '0' for no effect]
'yes', // include open/close toggle buttons ['yes'|'no']
'closed', // default state ['open'|'closed']
'open', // word for "open", as in "open this box"
'close', // word for "close", as in "close this box"
'click-down and drag to move this box', // sentence for "move this box" by mouse
'click to %toggle% this box', // pattern-match sentence for "(open|close) this box" by mouse
'use the arrow keys to move this box', // sentence for "move this box" by keyboard
', or press the enter key to %toggle% it', // pattern-match sentence-fragment for "(open|close) this box" by keyboard
'<?php echo js_escape(__('open')); ?>', // word for "open", as in "open this box"
'<?php echo js_escape(__('close')); ?>', // word for "close", as in "close this box"
'<?php echo js_escape(__('click-down and drag to move this box')); ?>', // sentence for "move this box" by mouse
'<?php echo js_escape(__('click to %toggle% this box')); ?>', // pattern-match sentence for "(open|close) this box" by mouse
'<?php echo js_escape(__('use the arrow keys to move this box')); ?>', // sentence for "move this box" by keyboard
'<?php echo js_escape(__(', or press the enter key to %toggle% it')); ?>', // pattern-match sentence-fragment for "(open|close) this box" by keyboard
'%mytitle% [%dbxtitle%]' // pattern-match syntax for title-attribute conflicts
);
});

10
wp-admin/edit-comments.php
View File

@ -157,12 +157,12 @@ $start = " start='$offset'";
<?php
if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo " <a href='comment.php?action=editcomment&amp;c=".$comment->comment_ID."'>" . __('Edit') . '</a>';
echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&amp;p=' . $comment->comment_post_ID . '&amp;c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
}
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), js_escape( $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&amp;dt=spam&amp;p=" . $comment->comment_post_ID . "&amp;c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
}
$post = get_post($comment->comment_post_ID);
$post_title = wp_specialchars( $post->post_title, 'double' );
@ -223,14 +223,14 @@ $post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo "<a href='comment.php?action=editcomment&amp;c=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td>
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape( $comment->comment_author )) . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
echo "<a href=\"comment.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;c=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\" class='delete'>" . __('Delete') . "</a> ";
} ?></td>
</tr>
<?php
} // end foreach
?></table>
<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php _e("Please select some comments to delete"); ?>'); return false } return confirm('<?php printf(__("You are about to delete %s comments permanently \\n \'Cancel\' to stop, \'OK\' to delete."), "' + numchecked + '"); ?>')" />
<input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="return confirm('<?php _e("You are about to mark these comments as spam \\n \'Cancel\' to stop, \'OK\' to mark as spam.") ?>')" /></p>
<p class="submit"><input type="submit" name="delete_button" class="delete" value="<?php _e('Delete Checked Comments &raquo;') ?>" onclick="var numchecked = getNumChecked(document.getElementById('deletecomments')); if(numchecked < 1) { alert('<?php echo js_escape(__("Please select some comments to delete")); ?>'); return false } return confirm('<?php echo js_escape(sprintf(__("You are about to delete %s comments permanently \\n \'Cancel\' to stop, \'OK\' to delete.")), "' + numchecked + '"); ?>')" />
<input type="submit" name="spam_button" value="<?php _e('Mark Checked Comments as Spam &raquo;') ?>" onclick="return confirm('<?php echo js_escape(__("You are about to mark these comments as spam \\n \'Cancel\' to stop, \'OK\' to mark as spam.")); ?>')" /></p>
</form>
<div id="ajax-response"></div>
<?php

2
wp-admin/edit-form-advanced.php
View File

@ -244,7 +244,7 @@ list_meta($metadata);
</div>
<?php if ('edit' == $action) : $delete_nonce = wp_create_nonce( 'delete-post_' . $post_ID ); ?>
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this post') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this post \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
<?php endif; ?>
</div>

2
wp-admin/edit-page-form.php
View File

@ -188,7 +188,7 @@ list_meta($metadata);
<?php if ('edit' == $action) :
$delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID );
if ( current_user_can('delete_page', $post->ID) ) ?>
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape($post->post_title) ) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
<?php endif; ?>
</div>

2
wp-admin/import/blogger.php
View File

@ -10,7 +10,7 @@ class Blogger_Import {
$title = __('Import Blogger');
$welcome = __('Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress blog.');
$noiframes = __('This feature requires iframe support.');
$warning = __('This will delete everything saved by the Blogger importer except your posts and comments. Are you sure you want to do this?');
$warning = js_escape(__('This will delete everything saved by the Blogger importer except your posts and comments. Are you sure you want to do this?'));
$reset = __('Reset this importer');
$incompat = __('Your web server is not properly configured to use this importer. Please enable the CURL extension for PHP and then reload this page.');

2
wp-admin/link-add.php
View File

@ -29,7 +29,7 @@ require('admin-header.php');
<div id="wp-link-bookmarklet" class="wrap">
<h3><?php _e('Add Link Bookmarklet'); ?></h3>
<p><?php _e('Right click on the following link and choose "Bookmark This Link..." to create an add link shortcut. Right now this only works on Mozilla or Netscape, but were working on it.'); ?></p>
<?php printf(__('<p><a href="%s" title="Link add bookmarklet">Link This</a></p>'), "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
<?php printf('<p><a href="%s" title="'.__('Link add bookmarklet').'">'.__('Link This').'</a></p>'), "javascript:void(linkmanpopup=window.open('" . get_option('siteurl') . "/wp-admin/link-add.php?action=popup&amp;linkurl='+escape(location.href)+'&amp;name='+escape(document.title),'LinkManager','scrollbars=yes,width=750,height=550,left=15,top=15,status=yes,resizable=yes'));linkmanpopup.focus();window.focus();linkmanpopup.focus();") ?>
</div>
<?php

4
wp-admin/link-manager.php
View File

@ -161,7 +161,7 @@ if ($links)
<?php
echo '<td><a href="link.php?link_id='.$link->link_id.'&amp;action=edit" class="edit">'.__('Edit').'</a></td>';
echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".sprintf(__("You are about to delete the &quot;%s&quot; link to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($link->link_name), js_escape($link->link_url)).'\' );" class="delete">'.__('Delete').'</a></td>';
echo '<td><a href="' . wp_nonce_url('link.php?link_id='.$link->link_id.'&amp;action=delete', 'delete-bookmark_' . $link->link_id ) . '"'." onclick=\"return deleteSomething( 'link', $link->link_id , '".js_escape(sprintf(__("You are about to delete the &quot;%s&quot; link to %s.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $link->link_name, $link->link_url )).'\' );" class="delete">'.__('Delete').'</a></td>';
echo '<td align="center"><input type="checkbox" name="linkcheck[]" value="'.$link->link_id.'" /></td>';
echo "\n </tr>\n";
}
@ -171,7 +171,7 @@ if ($links)
<div id="ajax-response"></div>
<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links') ?> &raquo;" onclick="return confirm('<?php _e("You are about to delete these links permanently \\n \'Cancel\' to stop, \'OK\' to delete.") ?>')" /></p>
<p class="submit"><input type="submit" class="button" name="deletebookmarks" id="deletebookmarks" value="<?php _e('Delete Checked Links') ?> &raquo;" onclick="return confirm('<?php echo js_escape(__("You are about to delete these links permanently \\n \'Cancel\' to stop, \'OK\' to delete.")); ?>')" /></p>
</form>
</div>

2
wp-admin/moderation.php
View File

@ -135,7 +135,7 @@ $i = 0;
<?php comment_text() ?>
<p><?php comment_date('M j, g:i A'); ?> &#8212; [ <?php
echo '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';
echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
<?php
$post = get_post($comment->comment_post_ID);
$post_title = wp_specialchars( $post->post_title, 'double' );

36
wp-admin/upload-js.php
View File

@ -97,20 +97,20 @@ addLoadEvent( function() {
h += "<form name='uploadoptions' id='uploadoptions' class='alignleft'>";
h += "<table>";
if ( this.currentImage.thumb ) {
h += "<tr><th style='padding-bottom:.5em'><?php echo addslashes(__('Show:')); ?></th><td style='padding-bottom:.5em'>";
h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo addslashes(__('Thumbnail')); ?></label><br />";
h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo addslashes(__('Full size')); ?></label>";
h += "<tr><th style='padding-bottom:.5em'><?php echo js_escape(__('Show:')); ?></th><td style='padding-bottom:.5em'>";
h += "<label for='display-thumb'><input type='radio' name='display' id='display-thumb' value='thumb' checked='checked' /> <?php echo js_escape(__('Thumbnail')); ?></label><br />";
h += "<label for='display-full'><input type='radio' name='display' id='display-full' value='full' /> <?php echo js_escape(__('Full size')); ?></label>";
h += "</td></tr>";
}
h += "<tr><th><?php echo addslashes(__('Link to:')); ?></th><td>";
h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo addslashes(__('File')); ?></label><br />";
h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo addslashes(__('Page')); ?></label><br />";
h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo addslashes(__('None')); ?></label>";
h += "<tr><th><?php echo js_escape(__('Link to:')); ?></th><td>";
h += "<label for='link-file'><input type='radio' name='link' id='link-file' value='file' checked='checked'/> <?php echo js_escape(__('File')); ?></label><br />";
h += "<label for='link-page'><input type='radio' name='link' id='link-page' value='page' /> <?php echo js_escape(__('Page')); ?></label><br />";
h += "<label for='link-none'><input type='radio' name='link' id='link-none' value='none' /> <?php echo js_escape(__('None')); ?></label>";
h += "</td></tr>";
h += "<tr><td colspan='2'><p class='submit'>";
h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo addslashes(__('Send to editor')); ?> &raquo;' />";
h += "<input type='button' class='button' name='send' onclick='theFileList.sendToEditor(" + id + ")' value='<?php echo js_escape(__('Send to editor &raquo;')); ?>' />";
h += "</p></td></tr></table>";
h += "</form>";
@ -134,22 +134,22 @@ addLoadEvent( function() {
var params = $H(this.params);
params.ID = '';
params.action = '';
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='Browse your files' class='back'>&laquo; Back</a>";
h += "<a href='" + this.urlData[0] + '?' + params.toQueryString() + "' title='<?php echo js_escape(__('Browse your files')); ?>' class='back'>&laquo; <?php echo js_escape(__('Back')); ?></a>";
} else {
h += "<a href='#' onclick='return theFileList.cancelView();' title='Browse your files' class='back'>&laquo; Back</a>";
h += "<a href='#' onclick='return theFileList.cancelView();' title='<?php echo js_escape(__('Browse your files')); ?>' class='back'>&laquo; <?php echo js_escape(__('Back')); ?></a>";
}
h += "<div id='file-title'>"
if ( !this.currentImage.isImage )
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='Direct link to file'>" + this.currentImage.title + "</a></h2>";
h += "<h2><a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo js_escape(__('Direct link to file')); ?>'>" + this.currentImage.title + "</a></h2>";
else
h += "<h2>" + this.currentImage.title + "</h2>";
h += " &#8212; <span>";
h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'>Insert</a>"
h += "<a href='#' onclick='return theFileList.imageView(" + id + ");'><?php js_escape(__('Insert')); ?></a>"
h += "</span>";
h += '</div>'
h += "<div id='upload-file-view' class='alignleft'>";
if ( this.currentImage.isImage ) {
h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='Direct link to file'>";
h += "<a href='" + this.currentImage.srcBase + this.currentImage.src + "' onclick='return false;' title='<?php echo js_escape(__('Direct link to file')); ?>'>";
h += "<img src='" + ( this.currentImage.thumb ? this.currentImage.thumb : this.currentImage.src ) + "' alt='" + this.currentImage.title + "' width='" + this.currentImage.width + "' height='" + this.currentImage.height + "' />";
h += "</a>";
} else
@ -158,20 +158,20 @@ addLoadEvent( function() {
h += "<table><col /><col class='widefat' /><tr>"
h += "<th scope='row'><label for='url'>URL</label></th>";
h += "<th scope='row'><label for='url'><?php echo js_escape(__('URL')); ?></label></th>";
h += "<td><input type='text' id='url' class='readonly' value='" + this.currentImage.srcBase + this.currentImage.src + "' readonly='readonly' /></td>";
h += "</tr><tr>";
h += "<th scope='row'><label for='post_title'>Title</label></th>";
h += "<th scope='row'><label for='post_title'><?php echo js_escape(__('Title')); ?></label></th>";
h += "<td><input type='text' id='post_title' name='post_title' value='" + this.currentImage.title + "' /></td>";
h += "</tr><tr>";
h += "<th scope='row'><label for='post_content'>Description</label></th>";
h += "<th scope='row'><label for='post_content'><?php echo js_escape(__('Description')); ?></label></th>";
h += "<td><textarea name='post_content' id='post_content'>" + this.currentImage.description + "</textarea></td>";
h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='Delete File' onclick='theFileList.deleteFile(" + id + ");' />";
h += "</tr><tr id='buttons' class='submit'><td colspan='2'><input type='button' id='delete' name='delete' class='delete alignleft' value='<?php echo js_escape(__('Delete File')); ?>' onclick='theFileList.deleteFile(" + id + ");' />";
h += "<input type='hidden' name='from_tab' value='" + this.tab + "' />";
h += "<input type='hidden' name='action' id='action-value' value='save' />";
h += "<input type='hidden' name='ID' value='" + id + "' />";
h += "<input type='hidden' name='_wpnonce' value='" + this.nonce + "' />";
h += "<div class='submit'><input type='submit' value='Save &raquo;' /></div>";
h += "<div class='submit'><input type='submit' value='<?php echo js_escape(__('Save &raquo;')); ?>' /></div>";
h += "</td></tr></table></form>";
new Insertion.Top('upload-content', h);

2
wp-includes/bookmark-template.php
View File

@ -107,7 +107,7 @@ function get_links($category = -1,
if ( $show_updated )
if (substr($row->link_updated_f, 0, 2) != '00')
$title .= ' (Last updated ' . date(get_option('links_updated_date_format'), $row->link_updated_f + (get_option('gmt_offset') * 3600)) . ')';
$title .= ' ('.__('Last updated') . ' ' . date(get_option('links_updated_date_format'), $row->link_updated_f + (get_option('gmt_offset') * 3600)) . ')';
if ( '' != $title )
$title = ' title="' . $title . '"';

10
wp-includes/js/autosave.js.php
View File

@ -38,9 +38,9 @@ function autosave_update_post_ID() {
var message;
if(isNaN(res)) {
message = "<?php _e('Error: '); ?>" + response;
message = "<?php js_escape(__('Error: ')); ?>" + response;
} else {
message = "<?php _e('Saved at '); ?>" + autosave_cur_time();
message = "<?php js_escape(__('Saved at ')); ?>" + autosave_cur_time();
$('post_ID').name = "post_ID";
$('post_ID').value = res;
// We need new nonces
@ -60,7 +60,7 @@ function autosave_update_post_ID() {
}
function autosave_loading() {
$('autosave').innerHTML = "<?php _e('Saving Draft...'); ?>";
$('autosave').innerHTML = "<?php js_escape(__('Saving Draft...')); ?>";
}
function autosave_saved() {
@ -69,9 +69,9 @@ function autosave_saved() {
var message;
if(isNaN(res)) {
message = "<?php _e('Error: '); ?>" + response;
message = "<?php js_escape(__('Error: ')); ?>" + response;
} else {
message = "<?php _e('Saved at '); ?>" + autosave_cur_time() + ".";
message = "<?php js_escape(__('Saved at ')); ?>" + autosave_cur_time() + ".";
}
$('autosave').innerHTML = message;
}

4
wp-includes/js/list-manipulation-js.php
View File

@ -1,6 +1,6 @@
<?php @require_once('../../wp-config.php'); cache_javascript_headers(); ?>
addLoadEvent(function(){theList=new listMan();});
function deleteSomething(what,id,message,obj){if(!obj)obj=theList;if(!message)message="<?php printf(__('Are you sure you want to delete this %s?'),"'+what+'"); ?>";if(confirm(message))return obj.ajaxDelete(what,id);else return false;}
function deleteSomething(what,id,message,obj){if(!obj)obj=theList;if(!message)message="<?php printf(js_escape(__('Are you sure you want to delete this %s?')),"'+what+'"); ?>";if(confirm(message))return obj.ajaxDelete(what,id);else return false;}
function dimSomething(what,id,dimClass,obj){if(!obj)obj=theList;return obj.ajaxDimmer(what,id,dimClass);}
var listMan = Class.create();
@ -47,7 +47,7 @@ Object.extend(listMan.prototype, {
if ( tempObj.showLink )
tempObj.showLink = id;
});
ajaxAdd.myResponseElement.update(tempObj.showLink ? ( "<div id='jumplink' class='updated fade'><p><a href='#" + what + '-' + tempObj.showLink + "'><?php _e('Jump to new item'); ?></a></p></div>" ) : '');
ajaxAdd.myResponseElement.update(tempObj.showLink ? ( "<div id='jumplink' class='updated fade'><p><a href='#" + what + '-' + tempObj.showLink + "'><?php js_escape(__('Jump to new item')); ?></a></p></div>" ) : '');
}
if ( tempObj.addComplete && typeof tempObj.addComplete == 'function' )
tempObj.addComplete( what, where, update, transport );

2
wp-includes/js/wp-ajax-js.php
View File

@ -81,7 +81,7 @@ Ajax.Responders.register( {
return;
wpBeforeUnload = window.onbeforeunload;
window.onbeforeunload = function() {
return "<?php _e("Slow down, I'm still sending your data!"); ?>";
return "<?php js_escape(__("Slow down, I'm still sending your data!")); ?>";
}
},
onLoading: function() { // Can switch to onLoaded if we lose data