diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php
index 34d179ceff..d8b74561bb 100644
--- a/wp-admin/includes/ajax-actions.php
+++ b/wp-admin/includes/ajax-actions.php
@@ -2575,11 +2575,8 @@ function wp_ajax_send_attachment_to_editor() {
}
}
- $rel = '';
$url = empty( $attachment['url'] ) ? '' : $attachment['url'];
- if ( strpos( $url, 'attachment_id') || get_attachment_link( $id ) == $url ) {
- $rel = 'attachment wp-att-' . $id;
- }
+ $rel = ( strpos( $url, 'attachment_id') || get_attachment_link( $id ) == $url );
remove_filter( 'media_send_to_editor', 'image_media_send_to_editor' );
@@ -2600,8 +2597,10 @@ function wp_ajax_send_attachment_to_editor() {
$html = stripslashes_deep( $_POST['html'] );
} else {
$html = isset( $attachment['post_title'] ) ? $attachment['post_title'] : '';
+ $rel = $rel ? ' rel="attachment wp-att-' . $id . '"' : ''; // Hard-coded string, $id is already sanitized
+
if ( ! empty( $url ) ) {
- $html = '' . $html . '';
+ $html = '' . $html . '';
}
}
diff --git a/wp-admin/includes/media.php b/wp-admin/includes/media.php
index 2f7e585731..194e8273a1 100644
--- a/wp-admin/includes/media.php
+++ b/wp-admin/includes/media.php
@@ -111,24 +111,28 @@ function the_media_upload_tabs() {
* @param string $title Image title attribute.
* @param string $align Image CSS alignment property.
* @param string $url Optional. Image src URL. Default empty.
- * @param string $rel Optional. Image rel attribute. Default empty.
+ * @param bool|string $rel Optional. Value for rel attribute or whether to add a dafault value. Default false.
* @param string|array $size Optional. Image size. Accepts any valid image size, or an array of width
* and height values in pixels (in that order). Default 'medium'.
* @param string $alt Optional. Image alt attribute. Default empty.
* @return string The HTML output to insert into the editor.
*/
-function get_image_send_to_editor( $id, $caption, $title, $align, $url = '', $rel = '', $size = 'medium', $alt = '' ) {
+function get_image_send_to_editor( $id, $caption, $title, $align, $url = '', $rel = false, $size = 'medium', $alt = '' ) {
- $html = get_image_tag($id, $alt, '', $align, $size);
+ $html = get_image_tag( $id, $alt, '', $align, $size );
- if ( ! $rel ) {
- $rel = ' rel="attachment wp-att-' . esc_attr( $id ) . '"';
+ if ( $rel ) {
+ if ( is_string( $rel ) ) {
+ $rel = ' rel="' . esc_attr( $rel ) . '"';
+ } else {
+ $rel = ' rel="attachment wp-att-' . intval( $id ) . '"';
+ }
} else {
- $rel = ' rel="' . esc_attr( $rel ) . '"';
+ $rel = '';
}
if ( $url )
- $html = '$html";
+ $html = '' . $html . '';
/**
* Filter the image HTML markup to send to the editor.
@@ -1166,7 +1170,7 @@ function image_media_send_to_editor($html, $attachment_id, $attachment) {
$align = !empty($attachment['align']) ? $attachment['align'] : 'none';
$size = !empty($attachment['image-size']) ? $attachment['image-size'] : 'medium';
$alt = !empty($attachment['image_alt']) ? $attachment['image_alt'] : '';
- $rel = ( $url == get_attachment_link($attachment_id) );
+ $rel = ( strpos( $url, 'attachment_id') || $url === get_attachment_link( $attachment_id ) );
return get_image_send_to_editor($attachment_id, $attachment['post_excerpt'], $attachment['post_title'], $align, $url, $rel, $size, $alt);
}
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 1ee563e8ec..56d618b9a6 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
-$wp_version = '4.5-beta4-37034';
+$wp_version = '4.5-beta4-37035';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.