mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2026-07-02 00:00:15 +00:00
Have get_search_query() escape by default, like it's echoing counterpart the_search_query(). see #12780
git-svn-id: https://develop.svn.wordpress.org/trunk@13978 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
@@ -156,7 +156,7 @@ function get_search_form($echo = true) {
|
||||
|
||||
$form = '<form role="search" method="get" id="searchform" action="' . home_url() . '/" >
|
||||
<div><label class="screen-reader-text" for="s">' . __('Search for:') . '</label>
|
||||
<input type="text" value="' . esc_attr(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" />
|
||||
<input type="text" value="' . get_search_query() . '" name="s" id="s" />
|
||||
<input type="submit" id="searchsubmit" value="'. esc_attr__('Search') .'" />
|
||||
</div>
|
||||
</form>';
|
||||
@@ -1642,7 +1642,7 @@ function feed_links_extra( $args = array() ) {
|
||||
$title = esc_attr(sprintf( $args['authortitle'], get_bloginfo('name'), $args['separator'], get_the_author_meta( 'display_name', $author_id ) ));
|
||||
$href = get_author_feed_link( $author_id );
|
||||
} elseif ( is_search() ) {
|
||||
$title = esc_attr(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query() ));
|
||||
$title = esc_attr(sprintf( $args['searchtitle'], get_bloginfo('name'), $args['separator'], get_search_query( false ) ));
|
||||
$href = get_search_feed_link();
|
||||
}
|
||||
|
||||
@@ -1825,12 +1825,21 @@ function the_editor($content, $id = 'content', $prev_id = 'title', $media_button
|
||||
/**
|
||||
* Retrieve the contents of the search WordPress query variable.
|
||||
*
|
||||
* @since 2.3.0
|
||||
* The search query string is passed through {@link esc_attr()}
|
||||
* to ensure that it is safe for placing in an html attribute.
|
||||
*
|
||||
* @since 2.3.0
|
||||
* @uses esc_attr()
|
||||
*
|
||||
* @param bool $escaped Whether the result is escaped. Default true.
|
||||
* Only use when you are later escaping it. Do not use unescaped.
|
||||
* @return string
|
||||
*/
|
||||
function get_search_query() {
|
||||
return apply_filters( 'get_search_query', get_query_var( 's' ) );
|
||||
function get_search_query( $escaped = true ) {
|
||||
$query = apply_filters( 'get_search_query', get_query_var( 's' ) );
|
||||
if ( $escaped )
|
||||
$query = esc_attr( $query );
|
||||
return $query;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1839,11 +1848,11 @@ function get_search_query() {
|
||||
* The search query string is passed through {@link esc_attr()}
|
||||
* to ensure that it is safe for placing in an html attribute.
|
||||
*
|
||||
* @uses attr
|
||||
* @uses esc_attr()
|
||||
* @since 2.1.0
|
||||
*/
|
||||
function the_search_query() {
|
||||
echo esc_attr( apply_filters( 'the_search_query', get_search_query() ) );
|
||||
echo esc_attr( apply_filters( 'the_search_query', get_search_query( false ) ) );
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user