IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new function for escaping within attributes: attribute_escape()

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith
2006-12-21 10:10:04 +00:00
parent deb53f7027
commit 5a76c03203
37 changed files with 126 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wp-includes/general-template.php
View File

@@ -279,7 +279,7 @@ function single_month_title($prefix = '', $display = true ) {
/* link navigation hack by Orien http://icecode.com/ */
function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') {
$text = wptexturize($text);
$title_text = wp_specialchars($text, 1);
$title_text = attribute_escape($text);
if ('link' == $format)
return "\t<link rel='archives' title='$title_text' href='$url' />\n";
@@ -901,7 +901,7 @@ function the_editor($content, $id = 'content', $prev_id = 'title') {
function the_search_query() {
global $s;
echo wp_specialchars( stripslashes($s), 1 );
echo attribute_escape( stripslashes($s));
}
function language_attributes() {
@@ -956,7 +956,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current - 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='prev page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$prev_text</a>";
$page_links[] = "<a class='prev page-numbers' href='" . attribute_escape( $link) . "'>$prev_text</a>";
endif;
for ( $n = 1; $n <= $total; $n++ ) :
if ( $n == $current ) :
@@ -968,7 +968,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $n, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$n</a>";
$page_links[] = "<a class='page-numbers' href='" . attribute_escape( $link) . "'>$n</a>";
$dots = true;
elseif ( $dots && !$show_all ) :
$page_links[] = "<span class='page-numbers dots'>...</span>";
@@ -981,7 +981,7 @@ function paginate_links( $arg = '' ) {
$link = str_replace('%#%', $current + 1, $link);
if ( $add_args )
$link = add_query_arg( $add_args, $link );
$page_links[] = "<a class='next page-numbers' href='" . wp_specialchars( $link, 1 ) . "'>$next_text</a>";
$page_links[] = "<a class='next page-numbers' href='" . attribute_escape( $link) . "'>$next_text</a>";
endif;
switch ( $type ) :
case 'array' :