IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new function for escaping within attributes: attribute_escape()

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith
2006-12-21 10:10:04 +00:00
parent deb53f7027
commit 5a76c03203
37 changed files with 126 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/edit-comments.php
View File

@@ -7,7 +7,7 @@ wp_enqueue_script( 'admin-comments' );
require_once('admin-header.php');
if (empty($_GET['mode'])) $mode = 'view';
else $mode = wp_specialchars($_GET['mode'], 1);
else $mode = attribute_escape($_GET['mode']);
?>
<script type="text/javascript">
@@ -42,7 +42,7 @@ function getNumChecked(form)
<form name="searchform" action="" method="get" id="editcomments">
<fieldset>
<legend><?php _e('Show Comments That Contain...') ?></legend>
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
<input type="submit" name="submit" value="<?php _e('Search') ?>" />
<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
<?php _e('(Searches within comment text, e-mail, URL, and IP address.)') ?>