WordPress/wp-content/themes/twentyten/loop-attachment.php
audrasjb 84729259de Twenty Ten: Escape get_author_posts_url() where appropriate in functions.php file.
This changeset adds missing escaping to some instances of `get_author_posts_url()` used in Twenty Ten, as per WordPress Coding Standards.

Props hztyfoon, robinwpdeveloper, mukesh27, rudlinkon, SergeyBiryukov, jakariaistauk.
Fixes #56674.

Built from https://develop.svn.wordpress.org/trunk@54344


git-svn-id: http://core.svn.wordpress.org/trunk@53903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-28 12:40:15 +00:00

183 lines
6.1 KiB
PHP

<?php
/**
* The loop that displays an attachment
*
* The loop displays the posts and the post content. See
* https://developer.wordpress.org/themes/basics/the-loop/ to understand it and
* https://developer.wordpress.org/themes/basics/template-tags/ to understand
* the tags used in it.
*
* This can be overridden in child themes with loop-attachment.php.
*
* @package WordPress
* @subpackage Twenty_Ten
* @since Twenty Ten 1.2
*/
?>
<?php
if ( have_posts() ) {
while ( have_posts() ) :
the_post();
?>
<?php
if ( ! empty( $post->post_parent ) ) :
/* translators: %s: Post title. */
$post_title = sprintf( __( 'Go to %s', 'twentyten' ), strip_tags( get_the_title( $post->post_parent ) ) );
?>
<p class="page-title"><a href="<?php echo esc_url( get_permalink( $post->post_parent ) ); ?>" title="<?php echo esc_attr( $post_title ); ?>" rel="gallery">
<?php
/* translators: %s: Title of parent post. */
printf( __( '<span class="meta-nav">&larr;</span> %s', 'twentyten' ), get_the_title( $post->post_parent ) );
?>
</a></p>
<?php endif; ?>
<div id="post-<?php the_ID(); ?>" <?php post_class(); ?>>
<h2 class="entry-title"><?php the_title(); ?></h2>
<div class="entry-meta">
<?php
printf(
/* translators: %s: Author display name. */
__( '<span class="%1$s">By</span> %2$s', 'twentyten' ),
'meta-prep meta-prep-author',
sprintf(
'<span class="author vcard"><a class="url fn n" href="%1$s" title="%2$s" rel="author">%3$s</a></span>',
esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ),
/* translators: %s: Author display name. */
esc_attr( sprintf( __( 'View all posts by %s', 'twentyten' ), get_the_author() ) ),
get_the_author()
)
);
?>
<span class="meta-sep">|</span>
<?php
printf(
/* translators: 1: CSS classes, 2: Date. */
__( '<span class="%1$s">Published</span> %2$s', 'twentyten' ),
'meta-prep meta-prep-entry-date',
sprintf(
'<span class="entry-date"><abbr class="published" title="%1$s">%2$s</abbr></span>',
esc_attr( get_the_time() ),
get_the_date()
)
);
if ( wp_attachment_is_image() ) {
echo ' <span class="meta-sep">|</span> ';
$metadata = wp_get_attachment_metadata();
printf(
/* translators: %s: Image dimensions. */
__( 'Full size is %s pixels', 'twentyten' ),
sprintf(
'<a href="%1$s" title="%2$s">%3$s &times; %4$s</a>',
esc_url( wp_get_attachment_url() ),
esc_attr( __( 'Link to full-size image', 'twentyten' ) ),
$metadata['width'],
$metadata['height']
)
);
}
?>
<?php edit_post_link( __( 'Edit', 'twentyten' ), '<span class="meta-sep">|</span> <span class="edit-link">', '</span>' ); ?>
</div><!-- .entry-meta -->
<div class="entry-content">
<div class="entry-attachment">
<?php
if ( wp_attachment_is_image() ) :
$attachments = array_values(
get_children(
array(
'post_parent' => $post->post_parent,
'post_status' => 'inherit',
'post_type' => 'attachment',
'post_mime_type' => 'image',
'order' => 'ASC',
'orderby' => 'menu_order ID',
)
)
);
foreach ( $attachments as $k => $attachment ) {
if ( $attachment->ID == $post->ID ) {
break;
}
}
// If there is more than 1 image attachment in a gallery...
if ( count( $attachments ) > 1 ) {
$k++;
if ( isset( $attachments[ $k ] ) ) {
// ...get the URL of the next image attachment.
$next_attachment_url = get_attachment_link( $attachments[ $k ]->ID );
} else {
// ...or get the URL of the first image attachment.
$next_attachment_url = get_attachment_link( $attachments[0]->ID );
}
} else {
// Or, if there's only 1 image attachment, get the URL of the image.
$next_attachment_url = wp_get_attachment_url();
}
?>
<p class="attachment"><a href="<?php echo esc_url( $next_attachment_url ); ?>" title="<?php the_title_attribute(); ?>" rel="attachment">
<?php
/**
* Filters the Twenty Ten default attachment width.
*
* @since Twenty Ten 1.0
*
* @param int The default attachment width in pixels. Default 900.
*/
$attachment_width = apply_filters( 'twentyten_attachment_size', 900 );
/**
* Filters the Twenty Ten default attachment height.
*
* @since Twenty Ten 1.0
*
* @param int The default attachment height in pixels. Default 900.
*/
$attachment_height = apply_filters( 'twentyten_attachment_height', 900 );
// Filterable image width with, essentially, no limit for image height.
echo wp_get_attachment_image( $post->ID, array( $attachment_width, $attachment_height ) );
?>
</a></p>
<div id="nav-below" class="navigation">
<div class="nav-previous"><?php previous_image_link( false ); ?></div>
<div class="nav-next"><?php next_image_link( false ); ?></div>
</div><!-- #nav-below -->
<?php else : ?>
<a href="<?php echo esc_url( wp_get_attachment_url() ); ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php echo esc_html( wp_basename( get_permalink() ) ); ?></a>
<?php endif; ?>
</div><!-- .entry-attachment -->
<div class="entry-caption">
<?php
if ( ! empty( $post->post_excerpt ) ) {
the_excerpt();}
?>
</div>
<?php the_content( __( 'Continue reading <span class="meta-nav">&rarr;</span>', 'twentyten' ) ); ?>
<?php
wp_link_pages(
array(
'before' => '<div class="page-link">' . __( 'Pages:', 'twentyten' ),
'after' => '</div>',
)
);
?>
</div><!-- .entry-content -->
<div class="entry-utility">
<?php twentyten_posted_in(); ?>
<?php edit_post_link( __( 'Edit', 'twentyten' ), ' <span class="edit-link">', '</span>' ); ?>
</div><!-- .entry-utility -->
</div><!-- #post-<?php the_ID(); ?> -->
<?php comments_template(); ?>
<?php endwhile;
} // End of the loop. ?>