IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new function for escaping within attributes: attribute_escape()

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith
2006-12-21 10:10:04 +00:00
parent deb53f7027
commit 5a76c03203
37 changed files with 126 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/upgrade.php
View File

@@ -28,7 +28,7 @@ else
<?php
switch($step) {
case 0:
$goback = wp_specialchars(wp_get_referer());
$goback = attribute_escape(stripslashes(wp_get_referer()));
?>
<p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p>
<h2 class="step"><a href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e('Upgrade WordPress &raquo;'); ?></a></h2>
@@ -40,7 +40,7 @@ switch($step) {
if ( empty( $_GET['backto'] ) )
$backto = __get_option('home');
else
$backto = wp_specialchars( $_GET['backto'] , 1 );
$backto = attribute_escape(stripslashes($_GET['backto']));
?>
<h2><?php _e('Step 1'); ?></h2>
<p><?php printf(__("There's actually only one step. So if you see this, you're done. <a href='%s'>Have fun</a>!"), $backto); ?></p>