More validation fixes. Escape some preview=true URLs, also clean up tags in edit-attachment-rows. Slight CSS tweak to match presentation to the formerly invalid HTML. props zeo, see #13383.

git-svn-id: https://develop.svn.wordpress.org/trunk@14673 602fd350-edb4-49c9-b593-d223f7449a82
2026-06-28 22:30:04 +00:00 · 2010-05-15 20:36:49 +00:00
parent 904ccf82e8
commit 23d6bf302c
5 changed files with 9 additions and 7 deletions
--- a/wp-admin/edit-attachment-rows.php
+++ b/wp-admin/edit-attachment-rows.php
@@ -84,14 +84,15 @@ foreach ($posts_columns as $column_name => $column_display_name ) {

 	case 'media':
 		?>
-		<td <?php echo $attributes ?>><strong><?php if ( $is_trash ) echo $att_title; else { ?><a href="<?php echo get_edit_post_link( $post->ID, true ); ?>" title="<?php echo esc_attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php echo $att_title; ?></a><?php } ?></strong><br />
+		<td <?php echo $attributes ?>><strong><?php if ( $is_trash ) echo $att_title; else { ?><a href="<?php echo get_edit_post_link( $post->ID, true ); ?>" title="<?php echo esc_attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php echo $att_title; ?></a><?php } ?></strong>
+		<p>
 		<?php
 		if ( preg_match( '/^.*?\.(\w+)$/', get_attached_file( $post->ID ), $matches ) )
 			echo esc_html( strtoupper( $matches[1] ) );
 		else
 			echo strtoupper( str_replace( 'image/', '', get_post_mime_type() ) );
 		?>
-		<p>
+		</p>
 		<?php
 		$actions = array();
 		if ( current_user_can('edit_post', $post->ID) && !$is_trash )
@@ -120,7 +121,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
 			echo "<span class='$action'>$link$sep</span>";
 		}
 		echo '</div>';
-		?></p></td>
+		?></td>
 		<?php
 		break;