vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 22:30:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@16431 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Mark Jaquith
2010-11-17 17:12:01 +00:00
parent b9b0431d29
commit 55e0256967
22 changed files with 48 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/includes/template.php
View File

@@ -483,7 +483,7 @@ function _list_meta_row( $entry, &$count ) {
}
$entry['meta_key'] = esc_attr($entry['meta_key']);
$entry['meta_value'] = htmlspecialchars($entry['meta_value']); // using a <textarea />
$entry['meta_value'] = esc_textarea( $entry['meta_value'] ); // using a <textarea />
$entry['meta_id'] = (int) $entry['meta_id'];
$delete_nonce = wp_create_nonce( 'delete-meta_' . $entry['meta_id'] );
@@ -718,7 +718,7 @@ function the_attachment_links( $id = false ) {
<col class="widefat" />
<tr>
<th scope="row"><?php _e( 'URL' ) ?></th>
<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><?php echo wp_get_attachment_url(); ?></textarea></td>
<td><textarea rows="1" cols="40" type="text" class="attachmentlinks" readonly="readonly"><?php echo esc_textarea( wp_get_attachment_url() ); ?></textarea></td>
</tr>
<?php if ( $icon ) : ?>
<tr>