IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

attribute_escape()s and int casts. see #4333

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@5543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan
2007-05-25 09:41:04 +00:00
parent 770613e763
commit 8e547a3677
9 changed files with 52 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wp-admin/edit-form-comment.php
View File

@@ -2,13 +2,13 @@
$submitbutton_text = __('Edit Comment »');
$toprow_title = sprintf(__('Editing Comment # %s'), $comment->comment_ID);
$form_action = 'editedcomment';
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='".$comment->comment_post_ID;
$form_extra = "' />\n<input type='hidden' name='comment_ID' value='" . $comment->comment_ID . "' />\n<input type='hidden' name='comment_post_ID' value='" . $comment->comment_post_ID;
?>
<form name="post" action="comment.php" method="post" id="post">
<?php wp_nonce_field('update-comment_' . $comment->comment_ID) ?>
<div class="wrap">
<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
<input type="hidden" name="user_ID" value="<?php echo (int) $user_ID ?>" />
<input type="hidden" name="action" value='<?php echo $form_action . $form_extra ?>' />
<script type="text/javascript">
@@ -20,19 +20,19 @@ addLoadEvent(focusit);
<fieldset id="namediv">
<legend><label for="name"><?php _e('Name:') ?></label></legend>
<div>
<input type="text" name="newcomment_author" size="25" value="<?php echo $comment->comment_author ?>" tabindex="1" id="name" />
<input type="text" name="newcomment_author" size="25" value="<?php echo attribute_escape( $comment->comment_author ); ?>" tabindex="1" id="name" />
</div>
</fieldset>
<fieldset id="emaildiv">
<legend><label for="email"><?php _e('E-mail:') ?></label></legend>
<div>
<input type="text" name="newcomment_author_email" size="20" value="<?php echo $comment->comment_author_email ?>" tabindex="2" id="email" />
<input type="text" name="newcomment_author_email" size="20" value="<?php echo attribute_escape( $comment->comment_author_email ); ?>" tabindex="2" id="email" />
</div>
</fieldset>
<fieldset id="uridiv">
<legend><label for="newcomment_author_url"><?php _e('URL:') ?></label></legend>
<div>
<input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo $comment->comment_author_url ?>" tabindex="3" />
<input type="text" id="newcomment_author_url" name="newcomment_author_url" size="35" value="<?php echo attribute_escape( $comment->comment_author_url ); ?>" tabindex="3" />
</div>
</fieldset>