Changeset 4656
- Timestamp:
- 12/21/06 10:10:04 (2 years ago)
- Files:
-
- branches/2.0/wp-admin/admin-functions.php (modified) (6 diffs)
- branches/2.0/wp-admin/bookmarklet.php (modified) (1 diff)
- branches/2.0/wp-admin/categories.php (modified) (2 diffs)
- branches/2.0/wp-admin/edit-comments.php (modified) (2 diffs)
- branches/2.0/wp-admin/edit-form-advanced.php (modified) (1 diff)
- branches/2.0/wp-admin/edit-link-form.php (modified) (1 diff)
- branches/2.0/wp-admin/edit-page-form.php (modified) (1 diff)
- branches/2.0/wp-admin/edit-pages.php (modified) (1 diff)
- branches/2.0/wp-admin/edit.php (modified) (1 diff)
- branches/2.0/wp-admin/inline-uploading.php (modified) (2 diffs)
- branches/2.0/wp-admin/link-categories.php (modified) (1 diff)
- branches/2.0/wp-admin/link-manager.php (modified) (2 diffs)
- branches/2.0/wp-admin/options-misc.php (modified) (1 diff)
- branches/2.0/wp-admin/options-permalink.php (modified) (2 diffs)
- branches/2.0/wp-admin/options.php (modified) (1 diff)
- branches/2.0/wp-admin/post.php (modified) (1 diff)
- branches/2.0/wp-admin/templates.php (modified) (1 diff)
- branches/2.0/wp-admin/theme-editor.php (modified) (1 diff)
- branches/2.0/wp-admin/upgrade.php (modified) (2 diffs)
- branches/2.0/wp-content/themes/classic/comments-popup.php (modified) (1 diff)
- branches/2.0/wp-content/themes/default/comments-popup.php (modified) (1 diff)
- branches/2.0/wp-content/themes/default/searchform.php (modified) (1 diff)
- branches/2.0/wp-includes/comment-functions.php (modified) (4 diffs)
- branches/2.0/wp-includes/functions-formatting.php (modified) (1 diff)
- branches/2.0/wp-includes/functions.php (modified) (5 diffs)
- branches/2.0/wp-includes/links.php (modified) (2 diffs)
- branches/2.0/wp-includes/template-functions-author.php (modified) (2 diffs)
- branches/2.0/wp-includes/template-functions-category.php (modified) (1 diff)
- branches/2.0/wp-includes/template-functions-general.php (modified) (1 diff)
- branches/2.0/wp-includes/template-functions-post.php (modified) (1 diff)
- branches/2.0/wp-links-opml.php (modified) (1 diff)
- branches/2.0/wp-login.php (modified) (2 diffs)
- branches/2.0/wp-register.php (modified) (1 diff)
- trunk/wp-admin/admin-ajax.php (modified) (2 diffs)
- trunk/wp-admin/admin-functions.php (modified) (8 diffs)
- trunk/wp-admin/bookmarklet.php (modified) (1 diff)
- trunk/wp-admin/edit-category-form.php (modified) (2 diffs)
- trunk/wp-admin/edit-comments.php (modified) (2 diffs)
- trunk/wp-admin/edit-form-advanced.php (modified) (1 diff)
- trunk/wp-admin/edit-link-form.php (modified) (1 diff)
- trunk/wp-admin/edit-page-form.php (modified) (1 diff)
- trunk/wp-admin/edit-pages.php (modified) (1 diff)
- trunk/wp-admin/edit.php (modified) (1 diff)
- trunk/wp-admin/link-manager.php (modified) (2 diffs)
- trunk/wp-admin/options-misc.php (modified) (1 diff)
- trunk/wp-admin/options-permalink.php (modified) (2 diffs)
- trunk/wp-admin/options.php (modified) (1 diff)
- trunk/wp-admin/page.php (modified) (1 diff)
- trunk/wp-admin/post.php (modified) (1 diff)
- trunk/wp-admin/templates.php (modified) (1 diff)
- trunk/wp-admin/theme-editor.php (modified) (1 diff)
- trunk/wp-admin/upgrade.php (modified) (2 diffs)
- trunk/wp-admin/upload-functions.php (modified) (3 diffs)
- trunk/wp-admin/upload-js.php (modified) (4 diffs)
- trunk/wp-admin/upload.php (modified) (1 diff)
- trunk/wp-admin/user-edit.php (modified) (1 diff)
- trunk/wp-admin/users.php (modified) (3 diffs)
- trunk/wp-content/themes/classic/comments-popup.php (modified) (1 diff)
- trunk/wp-content/themes/default/comments-popup.php (modified) (1 diff)
- trunk/wp-includes/author-template.php (modified) (2 diffs)
- trunk/wp-includes/bookmark-template.php (modified) (2 diffs)
- trunk/wp-includes/classes.php (modified) (2 diffs)
- trunk/wp-includes/comment-template.php (modified) (1 diff)
- trunk/wp-includes/comment.php (modified) (3 diffs)
- trunk/wp-includes/formatting.php (modified) (1 diff)
- trunk/wp-includes/functions.php (modified) (4 diffs)
- trunk/wp-includes/general-template.php (modified) (5 diffs)
- trunk/wp-includes/post-template.php (modified) (3 diffs)
- trunk/wp-links-opml.php (modified) (2 diffs)
- trunk/wp-login.php (modified) (4 diffs)
branches/2.0/wp-admin/admin-functions.php
r4640 r4656 290 290 $text = wp_specialchars(stripslashes(urldecode($_REQUEST['text']))); 291 291 $text = funky_javascript_fix($text); 292 $popupurl = wp_specialchars($_REQUEST['popupurl']);292 $popupurl = attribute_escape(stripslashes($_REQUEST['popupurl'])); 293 293 $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text"; 294 294 } … … 338 338 function get_user_to_edit($user_id) { 339 339 $user = new WP_User($user_id); 340 $user->user_login = wp_specialchars($user->user_login, 1);341 $user->user_email = wp_specialchars($user->user_email, 1);342 $user->user_url = wp_specialchars($user->user_url, 1);343 $user->first_name = wp_specialchars($user->first_name, 1);344 $user->last_name = wp_specialchars($user->last_name, 1);345 $user->display_name = wp_specialchars($user->display_name, 1);346 $user->nickname = wp_specialchars($user->nickname, 1);347 $user->aim = wp_specialchars($user->aim, 1);348 $user->yim = wp_specialchars($user->yim, 1);349 $user->jabber = wp_specialchars($user->jabber, 1);340 $user->user_login = attribute_escape($user->user_login); 341 $user->user_email = attribute_escape($user->user_email); 342 $user->user_url = attribute_escape($user->user_url); 343 $user->first_name = attribute_escape($user->first_name); 344 $user->last_name = attribute_escape($user->last_name); 345 $user->display_name = attribute_escape($user->display_name); 346 $user->nickname = attribute_escape($user->nickname); 347 $user->aim = attribute_escape($user->aim); 348 $user->yim = attribute_escape($user->yim); 349 $user->jabber = attribute_escape($user->jabber); 350 350 $user->description = wp_specialchars($user->description); 351 351 … … 468 468 $link = get_link($link_id); 469 469 470 $link->link_url = wp_specialchars($link->link_url, 1);471 $link->link_name = wp_specialchars($link->link_name, 1);472 $link->link_image = wp_specialchars($link->link_image, 1);473 $link->link_description = wp_specialchars($link->link_description, 1);470 $link->link_url = 
attribute_escape($link->link_url); 471 $link->link_name = attribute_escape($link->link_name); 472 $link->link_image = attribute_escape($link->link_image); 473 $link->link_description = attribute_escape($link->link_description); 474 474 $link->link_notes = wp_specialchars($link->link_notes); 475 $link->link_rss = wp_specialchars($link->link_rss, 1);476 $link->link_rel = wp_specialchars($link->link_rel, 1);475 $link->link_rss = attribute_escape($link->link_rss); 476 $link->link_rel = attribute_escape($link->link_rel); 477 477 $link->post_category = $link->link_category; 478 478 … … 482 482 function get_default_link_to_edit() { 483 483 if ( isset($_GET['linkurl']) ) 484 $link->link_url = wp_specialchars($_GET['linkurl'], 1);484 $link->link_url = attribute_escape($_GET['linkurl']); 485 485 else 486 486 $link->link_url = ''; 487 487 488 488 if ( isset($_GET['name']) ) 489 $link->link_name = wp_specialchars($_GET['name'], 1);489 $link->link_name = attribute_escape($_GET['name']); 490 490 else 491 491 $link->link_name = ''; … … 861 861 } 862 862 863 $entry['meta_key'] = wp_specialchars( $entry['meta_key'], true);864 $entry['meta_value'] = wp_specialchars( $entry['meta_value'], true);863 $entry['meta_key'] = attribute_escape( $entry['meta_key']); 864 $entry['meta_value'] = attribute_escape( $entry['meta_value']); 865 865 echo " 866 866 <tr class='$style'> … … 913 913 914 914 foreach ($keys as $key) { 915 $key = wp_specialchars($key, 1);915 $key = attribute_escape($key); 916 916 echo "\n\t<option value='$key'>$key</option>"; 917 917 } branches/2.0/wp-admin/bookmarklet.php
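Review bot: `$popupurl` at line 292 is request-controlled and, after `attribute_escape()`, is interpolated straight into an `href`; the escape prevents breaking out of the attribute but says nothing about the URL itself, so a value with a non-http(s) scheme reaches the anchor unchanged. A scheme allow-list (or a same-site restriction) applied before the escape is the missing check, and the same escape-only treatment of a request- or referer-derived link target appears in bookmarklet.php (`$popupurl`), edit-form-advanced.php (`referredby`) and functions.php (`$adminurl` in the nonce confirmation page). Separately, `get_default_link_to_edit()` at lines 484 and 489 escapes `$_GET['linkurl']` and `$_GET['name']` without the `stripslashes()` this commit adds to the other request-derived values in the file, so slash-escaped input is handled differently on the two paths; `attribute_escape(stripslashes($_GET['linkurl']))` would align them.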
r2972 r4656 38 38 39 39 $content = wp_specialchars($_REQUEST['content']); 40 $popupurl = wp_specialchars($_REQUEST['popupurl']);40 $popupurl = attribute_escape(stripslashes($_REQUEST['popupurl'])); 41 41 if ( !empty($content) ) { 42 42 $post->post_content = wp_specialchars( stripslashes($_REQUEST['content']) ); branches/2.0/wp-admin/categories.php
r4470 r4656 70 70 <tr> 71 71 <th width="33%" scope="row"><?php _e('Category name:') ?></th> 72 <td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($category->cat_name); ?>" size="40" /> <input type="hidden" name="action" value="editedcat" />72 <td width="67%"><input name="cat_name" type="text" value="<?php echo attribute_escape($category->cat_name); ?>" size="40" /> <input type="hidden" name="action" value="editedcat" /> 73 73 <input type="hidden" name="cat_ID" value="<?php echo $category->cat_ID ?>" /></td> 74 74 </tr> 75 75 <tr> 76 76 <th scope="row"><?php _e('Category slug:') ?></th> 77 <td><input name="category_nicename" type="text" value="<?php echo wp_specialchars($category->category_nicename); ?>" size="40" /></td>77 <td><input name="category_nicename" type="text" value="<?php echo attribute_escape($category->category_nicename); ?>" size="40" /></td> 78 78 </tr> 79 79 <tr> … … 87 87 <tr> 88 88 <th scope="row"><?php _e('Description:') ?></th> 89 <td><textarea name="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description , 1); ?></textarea></td>89 <td><textarea name="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->category_description); ?></textarea></td> 90 90 </tr> 91 91 </table> branches/2.0/wp-admin/edit-comments.php
r3945 r4656 8 8 require_once('admin-header.php'); 9 9 if (empty($_GET['mode'])) $mode = 'view'; 10 else $mode = wp_specialchars($_GET['mode'], 1);10 else $mode = attribute_escape($_GET['mode']); 11 11 ?> 12 12 … … 31 31 <fieldset> 32 32 <legend><?php _e('Show Comments That Contain...') ?></legend> 33 <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />33 <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" /> 34 34 <input type="submit" name="submit" value="<?php _e('Search') ?>" /> 35 35 <input type="hidden" name="mode" value="<?php echo $mode; ?>" /> branches/2.0/wp-admin/edit-form-advanced.php
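Review bot: `$mode` on line 10 is taken from `$_GET` and only escaped, yet by its name it selects a display mode and is echoed back into a hidden field on line 35, so an allow-list is the tighter check and makes the value safe in every later context without relying on escaping. If the only modes are `view` and `edit` (the rest of the file is not visible here), lines 9–10 collapse to `$mode = ( isset($_GET['mode']) && 'edit' == $_GET['mode'] ) ? 'edit' : 'view';`, which also removes the `empty()` test that treats `"0"` as absent.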
r4632 r4656 212 212 <input name="referredby" type="hidden" id="referredby" value="<?php 213 213 if ( !empty($_REQUEST['popupurl']) ) 214 echo wp_specialchars($_REQUEST['popupurl']);215 else if ( url_to_postid( wp_get_referer()) == $post_ID )214 echo attribute_escape(stripslashes($_REQUEST['popupurl'])); 215 else if ( url_to_postid(stripslashes(wp_get_referer())) == $post_ID ) 216 216 echo 'redo'; 217 217 else 218 echo wp_specialchars(wp_get_referer());218 echo attribute_escape(stripslashes(wp_get_referer())); 219 219 ?>" /></p> 220 220 branches/2.0/wp-admin/edit-link-form.php
r3977 r4656 231 231 <input type="hidden" name="action" value="editlink" /> 232 232 <input type="hidden" name="link_id" value="<?php echo (int) $link_id; ?>" /> 233 <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />233 <input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" /> 234 234 <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" /> 235 235 <?php else: ?> branches/2.0/wp-admin/edit-page-form.php
r4242 r4656 15 15 } 16 16 17 $sendto = wp_get_referer();17 $sendto = attribute_escape(wp_get_referer()); 18 18 19 19 if ( 0 != $post_ID && $sendto == get_permalink($post_ID) ) 20 20 $sendto = 'redo'; 21 $sendto = wp_specialchars( $sendto );22 21 23 22 ?> branches/2.0/wp-admin/edit-pages.php
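Review bot: Line 17 now escapes `$sendto` before it is compared with `get_permalink($post_ID)` on line 19, whereas the removed line 21 escaped it after; if the referer carries any character the escape rewrites (an `&` between query arguments, a quote), the escaped string can no longer equal the raw permalink and the `'redo'` branch is skipped. Keep the comparison on the raw value and escape at the end, as before: `$sendto = wp_get_referer();` … `$sendto = attribute_escape($sendto);`. The commit also wraps `wp_get_referer()` in `stripslashes()` in edit-form-advanced.php and functions.php but not here, so the same input is treated differently across the three files.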
r3906 r4656 14 14 <fieldset> 15 15 <legend><?php _e('Search Pages…') ?></legend> 16 <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />16 <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" /> 17 17 <input type="submit" name="submit" value="<?php _e('Search') ?>" /> 18 18 </fieldset> branches/2.0/wp-admin/edit.php
r3805 r4656 80 80 <fieldset> 81 81 <legend><?php _e('Search Posts…') ?></legend> 82 <input type="text" name="s" value="<?php if (isset($s)) echo wp_specialchars($s, 1); ?>" size="17" />82 <input type="text" name="s" value="<?php if (isset($s)) echo attribute_escape($s); ?>" size="17" /> 83 83 <input type="submit" name="submit" value="<?php _e('Search') ?>" /> 84 84 </fieldset> branches/2.0/wp-admin/inline-uploading.php
r4416 r4656 241 241 $ypadding = (96 - $image['uheight']) / 2; 242 242 $style .= "#target{$ID} img { padding: {$ypadding}px {$xpadding}px; }\n"; 243 $title = wp_specialchars($image['post_title'], ENT_QUOTES);243 $title = attribute_escape($image['post_title']); 244 244 $script .= "aa[{$ID}] = '<a id=\"p{$ID}\" rel=\"attachment\" class=\"imagelink\" href=\"$href\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">'; 245 245 ab[{$ID}] = '<a class=\"imagelink\" href=\"{$image['guid']}\" onclick=\"doPopup({$ID});return false;\" title=\"{$title}\">'; … … 261 261 "; 262 262 } else { 263 $title = wp_specialchars($attachment['post_title'], ENT_QUOTES);263 $title = attribute_escape($attachment['post_title']); 264 264 $filename = basename($attachment['guid']); 265 265 $icon = get_attachment_icon($ID); branches/2.0/wp-admin/link-categories.php
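Review bot: `$title` at lines 243 and 263 is escaped for an HTML attribute but is then embedded inside a single-quoted JavaScript string literal on lines 244–245, where attribute escaping alone is not enough: a backslash or a line break in `post_title` terminates or corrupts the JS string, and whether `'` itself is converted depends on the quote handling in `wp_specialchars()`, which this page does not show. Apply a JavaScript-string escape as a second pass after the attribute escape, in the same way the trunk admin-ajax.php hunk builds `$key_js` and the helper body at functions-formatting.php line 1051 (`addslashes` plus newline conversion) does, e.g. `$title = addslashes(attribute_escape($image['post_title']));` with line breaks folded, for both lines. `$href` and `$image['guid']` on the same lines are interpolated with no escaping at all; that is pre-existing but sits in the same string.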
r4341 r4656 125 125 <tr> 126 126 <th width="33%" scope="row"><?php _e('Name:') ?></th> 127 <td width="67%"><input name="cat_name" type="text" value="<?php echo wp_specialchars($row->cat_name)?>" size="30" /></td>127 <td width="67%"><input name="cat_name" type="text" value="<?php echo attribute_escape($row->cat_name)?>" size="30" /></td> 128 128 </tr> 129 129 <tr> branches/2.0/wp-admin/link-manager.php
r4470 r4656 328 328 <input type="hidden" name="link_id" value="" /> 329 329 <input type="hidden" name="action" value="" /> 330 <input type="hidden" name="order_by" value="<?php echo wp_specialchars($order_by, 1); ?>" />330 <input type="hidden" name="order_by" value="<?php echo attribute_escape($order_by); ?>" /> 331 331 <input type="hidden" name="cat_id" value="<?php echo (int) $cat_id ?>" /> 332 332 <table id="the-list-x" width="100%" cellpadding="3" cellspacing="3"> … … 358 358 if ($links) { 359 359 foreach ($links as $link) { 360 $link->link_name = wp_specialchars($link->link_name);360 $link->link_name = attribute_escape($link->link_name); 361 361 $link->link_category = wp_specialchars($link->link_category); 362 362 $link->link_description = wp_specialchars($link->link_description); 363 $link->link_url = wp_specialchars($link->link_url);363 $link->link_url = attribute_escape($link->link_url); 364 364 $short_url = str_replace('http://', '', $link->link_url); 365 365 $short_url = str_replace('www.', '', $short_url); branches/2.0/wp-admin/options-misc.php
r4229 r4656 18 18 <tr valign="top"> 19 19 <th scope="row"><?php _e('Store uploads in this folder'); ?>:</th> 20 <td><input name="upload_path" type="text" id="upload_path" class="code" value="<?php echo wp_specialchars(str_replace(ABSPATH, '', get_settings('upload_path')), 1); ?>" size="40" />20 <td><input name="upload_path" type="text" id="upload_path" class="code" value="<?php echo attribute_escape(str_replace(ABSPATH, '', get_settings('upload_path'))); ?>" size="40" /> 21 21 <br /> 22 22 <?php _e('Default is <code>wp-content/uploads</code>'); ?> branches/2.0/wp-admin/options-permalink.php
r4229 r4656 149 149 <br /> 150 150 </p> 151 <p id="customstructure"><?php _e('Custom structure'); ?>: <input name="permalink_structure" id="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo wp_specialchars($permalink_structure, 1); ?>" size="50" /></p>151 <p id="customstructure"><?php _e('Custom structure'); ?>: <input name="permalink_structure" id="permalink_structure" type="text" class="code" style="width: 60%;" value="<?php echo attribute_escape($permalink_structure); ?>" size="50" /></p> 152 152 153 153 <h3><?php _e('Optional'); ?></h3> … … 158 158 <?php endif; ?> 159 159 <p> 160 <?php _e('Category base'); ?>: <input name="category_base" type="text" class="code" value="<?php echo wp_specialchars($category_base, 1); ?>" size="30" />160 <?php _e('Category base'); ?>: <input name="category_base" type="text" class="code" value="<?php echo attribute_escape($category_base); ?>" size="30" /> 161 161 </p> 162 162 <p class="submit"> branches/2.0/wp-admin/options.php
r4384 r4656 183 183 </table> 184 184 <?php $options_to_update = implode(',', $options_to_update); ?> 185 <p class="submit"><input type="hidden" name="page_options" value="<?php echo wp_specialchars($options_to_update, true); ?>" /><input type="submit" name="Update" value="<?php _e('Update Options »') ?>" /></p>185 <p class="submit"><input type="hidden" name="page_options" value="<?php echo attribute_escape($options_to_update); ?>" /><input type="submit" name="Update" value="<?php _e('Update Options »') ?>" /></p> 186 186 </form> 187 187 </div> branches/2.0/wp-admin/post.php
r4470 r4656 82 82 <div id='preview' class='wrap'> 83 83 <h2 id="preview-post"><?php _e('Post Preview (updated when post is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit ↑'); ?></a></small></h2> 84 <iframe src="<?php echo wp_specialchars(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>84 <iframe src="<?php echo attribute_escape(apply_filters('preview_post_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe> 85 85 </div> 86 86 <?php branches/2.0/wp-admin/templates.php
r4416 r4656 112 112 echo '<ol>'; 113 113 foreach ($recents as $recent) : 114 echo "<li><a href='templates.php?file=" . wp_specialchars($recent, true) . "'>" . get_file_description(basename($recent)) . "</a></li>";114 echo "<li><a href='templates.php?file=" . attribute_escape($recent) . "'>" . get_file_description(basename($recent)) . "</a></li>"; 115 115 endforeach; 116 116 echo '</ol>'; branches/2.0/wp-admin/theme-editor.php
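Review bot: `$recent` at line 114 becomes the `file=` query parameter with only `attribute_escape()`, which is the right escape for the surrounding attribute but not for the URL component: `?`, `#`, `=` or whitespace in a file name pass through and change how the query string is parsed on the receiving side. Encode for the URL first and for the attribute second: `"<li><a href='templates.php?file=" . attribute_escape(urlencode($recent)) . "'>"`.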
r4269 r4656 102 102 if ($theme_name == $theme) $selected = " selected='selected'"; 103 103 else $selected = ''; 104 $theme_name = wp_specialchars($theme_name, true);104 $theme_name = attribute_escape($theme_name); 105 105 echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>"; 106 106 } branches/2.0/wp-admin/upgrade.php
r3923 r4656 68 68 69 69 case 0: 70 $goback = wp_specialchars(wp_get_referer());70 $goback = attribute_escape(stripslashes(wp_get_referer())); 71 71 ?> 72 72 <p><?php _e('This file upgrades you from any previous version of WordPress to the latest. It may take a while though, so be patient.'); ?></p> … … 87 87 $backto = __get_option('home'); 88 88 else 89 $backto = wp_specialchars( $_GET['backto'] , 1);89 $backto = attribute_escape(stripslashes($_GET['backto'])); 90 90 ?> 91 91 <h2><?php _e('Step 1'); ?></h2> branches/2.0/wp-content/themes/classic/comments-popup.php
r3903 r4656 61 61 <label for="author"><?php _e("Name"); ?></label> 62 62 <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" /> 63 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($_SERVER["REQUEST_URI"]); ?>" />63 <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" /> 64 64 </p> 65 65 branches/2.0/wp-content/themes/default/comments-popup.php
r3925 r4656 61 61 <label for="author">Name</label> 62 62 <input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" /> 63 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($_SERVER["REQUEST_URI"]); ?>" />63 <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($_SERVER["REQUEST_URI"]); ?>" /> 64 64 </p> 65 65 branches/2.0/wp-content/themes/default/searchform.php
r3134 r4656 1 1 <form method="get" id="searchform" action="<?php bloginfo('home'); ?>/"> 2 <div><input type="text" value="<?php echo wp_specialchars($s, 1); ?>" name="s" id="s" />2 <div><input type="text" value="<?php echo attribute_escape($s); ?>" name="s" id="s" /> 3 3 <input type="submit" id="searchsubmit" value="Search" /> 4 4 </div> branches/2.0/wp-includes/comment-functions.php
r4300 r4656 316 316 echo ' class="'.$CSSclass.'"'; 317 317 } 318 $title = wp_specialchars(apply_filters('the_title', get_the_title()), true);318 $title = attribute_escape(apply_filters('the_title', get_the_title())); 319 319 echo ' title="' . sprintf( __('Comment on %s'), $title ) .'">'; 320 320 comments_number($zero, $one, $more, $number); … … 898 898 $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]); 899 899 $comment_author = stripslashes($comment_author); 900 $comment_author = wp_specialchars($comment_author, true);900 $comment_author = attribute_escape($comment_author); 901 901 $_COOKIE['comment_author_'.COOKIEHASH] = $comment_author; 902 902 } … … 905 905 $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]); 906 906 $comment_author_email = stripslashes($comment_author_email); 907 $comment_author_email = wp_specialchars($comment_author_email, true);907 $comment_author_email = attribute_escape($comment_author_email); 908 908 $_COOKIE['comment_author_email_'.COOKIEHASH] = $comment_author_email; 909 909 } … … 912 912 $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]); 913 913 $comment_author_url = stripslashes($comment_author_url); 914 $comment_author_url = wp_specialchars($comment_author_url, true);914 $comment_author_url = attribute_escape($comment_author_url); 915 915 $_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url; 916 916 } branches/2.0/wp-includes/functions-formatting.php
r4387 r4656 1051 1051 return preg_replace("/\r?\n/", "\\n", addslashes($text)); 1052 1052 } 1053 1054 // Escaping for HTML attributes like 1055 function attribute_escape($text) { 1056 return wp_specialchars($text, true); 1057 } 1058 1053 1059 ?> branches/2.0/wp-includes/functions.php
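Review bot: The header comment on the new `attribute_escape()` at line 1054 is cut off ("like" with nothing after it), so it does not tell a reader what distinguishes it from `wp_specialchars()`. Suggest `// Escaping for HTML attribute values: wp_specialchars() with quote conversion enabled, so the result can sit inside a quoted attribute.` It would also help to say that this is an output-time escape rather than an input sanitiser, since several callers in this changeset write the escaped value back onto the object (`get_user_to_edit`, `get_link_to_edit`) or into `$_COOKIE` (comment-functions.php lines 900–914), where it can be re-escaped or compared later.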
r4581 r4656 350 350 351 351 function form_option($option) { 352 echo wp_specialchars( get_option($option), 1);352 echo attribute_escape( get_option($option)); 353 353 } 354 354 … … 2363 2363 2364 2364 function wp_referer_field() { 2365 $ref = wp_specialchars($_SERVER['REQUEST_URI']);2365 $ref = attribute_escape(stripslashes($_SERVER['REQUEST_URI'])); 2366 2366 echo '<input type="hidden" name="_wp_http_referer" value="'. $ref . '" />'; 2367 2367 if ( wp_get_original_referer() ) { 2368 $original_ref = wp_specialchars(stripslashes(wp_get_original_referer()));2368 $original_ref = attribute_escape(stripslashes(wp_get_original_referer())); 2369 2369 echo '<input type="hidden" name="_wp_original_http_referer" value="'. $original_ref . '" />'; 2370 2370 } … … 2372 2372 2373 2373 function wp_original_referer_field() { 2374 echo '<input type="hidden" name="_wp_original_http_referer" value="' . wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';2374 echo '<input type="hidden" name="_wp_original_http_referer" value="' . attribute_escape(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; 2375 2375 } 2376 2376 … … 2457 2457 $adminurl = get_settings('siteurl') . '/wp-admin'; 2458 2458 if ( wp_get_referer() ) 2459 $adminurl = wp_get_referer();2459 $adminurl = attribute_escape(stripslashes(wp_get_referer())); 2460 2460 2461 2461 $title = __('WordPress Confirmation'); … … 2469 2469 $v = substr(strstr($a, '='), 1); 2470 2470 $k = substr($a, 0, -(strlen($v)+1)); 2471 $html .= "\t\t<input type='hidden' name='" . wp_specialchars( urldecode($k), 1 ) . "' value='" . wp_specialchars( urldecode($v), 1) . "' />\n";2471 $html .= "\t\t<input type='hidden' name='" . attribute_escape( urldecode($k)) . "' value='" . attribute_escape( urldecode($v)) . "' />\n"; 2472 2472 } 2473 2473 $html .= "\t\t<input type='hidden' name='_wpnonce' value='" . wp_create_nonce($action) . "' />\n"; 2474 2474 $html .= "\t\t<div id='message' class='confirm fade'>\n\t\t<p>" . wp_explain_nonce($action) . 
"</p>\n\t\t<p><a href='$adminurl'>" . __('No') . "</a> <input type='submit' value='" . __('Yes') . "' /></p>\n\t\t</div>\n\t</form>\n"; 2475 2475 } else { 2476 $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_explain_nonce($action) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . a dd_query_arg( '_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI']) . "'>" . __('Yes') . "</a></p>\n\t</div>\n";2476 $html .= "\t<div id='message' class='confirm fade'>\n\t<p>" . wp_explain_nonce($action) . "</p>\n\t<p><a href='$adminurl'>" . __('No') . "</a> <a href='" . attribute_escape(add_query_arg('_wpnonce', wp_create_nonce($action), $_SERVER['REQUEST_URI'])) . "'>" . __('Yes') . "</a></p>\n\t</div>\n"; 2477 2477 } 2478 2478 $html .= "</body>\n</html>"; branches/2.0/wp-includes/links.php
r3762 r4656 213 213 $the_link = '#'; 214 214 if (!empty($row->link_url)) 215 $the_link = wp_specialchars($row->link_url);215 $the_link = attribute_escape($row->link_url); 216 216 217 217 $rel = $row->link_rel; … … 220 220 } 221 221 222 $desc = wp_specialchars($row->link_description, ENT_QUOTES);223 $name = wp_specialchars($row->link_name, ENT_QUOTES);222 $desc = attribute_escape($row->link_description); 223 $name = attribute_escape($row->link_name); 224 224 $title = $desc; 225 225 branches/2.0/wp-includes/template-functions-author.php
r4496 r4656 132 132 global $authordata; 133 133 134 echo '<a href="' . get_author_link(0, $authordata->ID, $authordata->user_nicename) . '" title="' . sprintf(__("Posts by %s"), wp_specialchars(get_the_author())) . '">' . get_the_author() . '</a>';134 echo '<a href="' . get_author_link(0, $authordata->ID, $authordata->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attribute_escape(get_the_author())) . '">' . get_the_author() . '</a>'; 135 135 } 136 136 … … 198 198 $link = $name; 199 199 } else { 200 $link = '<a href="' . get_author_link(0, $author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), wp_specialchars($author->display_name)) . '">' . $name . '</a>';200 $link = '<a href="' . get_author_link(0, $author->ID, $author->user_nicename) . '" title="' . sprintf(__("Posts by %s"), attribute_escape($author->display_name)) . '">' . $name . '</a>'; 201 201 202 202 if ( (! empty($feed_image)) || (! empty($feed)) ) { branches/2.0/wp-includes/template-functions-category.php
r4280 r4656 324 324 $link = '<a href="'.get_category_link($category->cat_ID).'" '; 325 325 if ( $use_desc_for_title == 0 || empty($category->category_description) ) 326 $link .= 'title="'. sprintf(__("View all posts filed under %s"), wp_specialchars($category->cat_name)) . '"';326 $link .= 'title="'. sprintf(__("View all posts filed under %s"), attribute_escape($category->cat_name)) . '"'; 327 327 else 328 $link .= 'title="' . wp_specialchars(apply_filters('category_description',$category->category_description,$category)) . '"';328 $link .= 'title="' . attribute_escape(apply_filters('category_description',$category->category_description,$category)) . '"'; 329 329 $link .= '>'; 330 330 $link .= apply_filters('list_cats', $category->cat_name, $category).'</a>'; branches/2.0/wp-includes/template-functions-general.php
r4641 r4656 264 264 function get_archives_link($url, $text, $format = 'html', $before = '', $after = '') { 265 265 $text = wptexturize($text); 266 $title_text = wp_specialchars($text, 1);266 $title_text = attribute_escape($text); 267 267 268 268 if ('link' == $format) branches/2.0/wp-includes/template-functions-post.php
r4604 r4656 419 419 foreach ( $page_tree[$parent]['children'] as $page_id ) { 420 420 $cur_page = $page_tree[$page_id]; 421 $title = wp_specialchars($cur_page['title']);421 $title = attribute_escape($cur_page['title']); 422 422 423 423 $css_class = 'page_item'; branches/2.0/wp-links-opml.php
r3470 r4656 45 45 } // end if not first time 46 46 ?> 47 <outline type="category" title="<?php echo wp_specialchars($result->cat_name); ?>">47 <outline type="category" title="<?php echo attribute_escape($result->cat_name); ?>"> 48 48 <?php 49 49 $prev_cat_id = $result->link_category; 50 50 } // end if new category 51 51 ?> 52 <outline text="<?php echo wp_specialchars($result->link_name); ?>" type="link" xmlUrl="<?php echo wp_specialchars($result->link_rss); ?>" htmlUrl="<?php echo wp_specialchars($result->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $result->link_updated) echo $result->link_updated; ?>" />52 <outline text="<?php echo attribute_escape($result->link_name); ?>" type="link" xmlUrl="<?php echo attribute_escape($result->link_rss); ?>" htmlUrl="<?php echo attribute_escape($result->link_url); ?>" updated="<?php if ('0000-00-00 00:00:00' != $result->link_updated) echo $result->link_updated; ?>" /> 53 53 <?php 54 54 } // end foreach branches/2.0/wp-login.php
r4581 r4656 232 232 233 233 <form name="loginform" id="loginform" action="wp-login.php" method="post"> 234 <p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="1" /></label></p>234 <p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="<?php echo attribute_escape(stripslashes($user_login)); ?>" size="20" tabindex="1" /></label></p> 235 235 <p><label><?php _e('Password:') ?><br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p> 236 236 <p> … … 239 239 <p class="submit"> 240 240 <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> »" tabindex="4" /> 241 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" />241 <input type="hidden" name="redirect_to" value="<?php echo attribute_escape($redirect_to); ?>" /> 242 242 </p> 243 243 </form> branches/2.0/wp-register.php
r3630 r4656 114 114 <form method="post" action="wp-register.php" id="registerform"> 115 115 <p><input type="hidden" name="action" value="register" /> 116 <label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo wp_specialchars($user_login); ?>" /><br /></p>117 <p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo wp_specialchars($user_email); ?>" /></p>116 <label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo attribute_escape($user_login); ?>" /><br /></p> 117 <p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo attribute_escape($user_email); ?>" /></p> 118 118 <p><?php _e('A password will be emailed to you.') ?></p> 119 119 <p class="submit"><input type="submit" value="<?php _e('Register') ?> »" id="submit" name="submit" /></p> trunk/wp-admin/admin-ajax.php
r4583 r4656 14 14 15 15 function wp_ajax_meta_row( $pid, $mid, $key, $value ) { 16 $value = wp_specialchars($value, true);16 $value = attribute_escape($value); 17 17 $key_js = addslashes(wp_specialchars($key, 'double')); 18 $key = wp_specialchars($key, true);18 $key = attribute_escape($key); 19 19 $r .= "<tr id='meta-$mid'><td valign='top'>"; 20 20 $r .= "<input name='meta[$mid][key]' tabindex='6' onkeypress='return killSubmit(\"theList.ajaxUpdater('meta','meta-$mid');\",event);' type='text' size='20' value='$key' />"; … … 142 142 $level++; 143 143 } 144 $cat_full_name = wp_specialchars( $cat_full_name, 1);144 $cat_full_name = attribute_escape( $cat_full_name); 145 145 146 146 $x = new WP_Ajax_Response( array( trunk/wp-admin/admin-functions.php
r4651 r4656 324 324 $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) ); 325 325 $text = funky_javascript_fix( $text); 326 $popupurl = wp_specialchars( $_REQUEST['popupurl']);326 $popupurl = attribute_escape($_REQUEST['popupurl']); 327 327 $post_content = '<a href="'.$popupurl.'">'.$post_title.'</a>'."\n$text"; 328 328 } … … 381 381 function get_user_to_edit( $user_id ) { 382 382 $user = new WP_User( $user_id ); 383 $user->user_login = wp_specialchars( $user->user_login, 1);384 $user->user_email = wp_specialchars( $user->user_email, 1);385 $user->user_url = wp_specialchars( $user->user_url, 1);386 $user->first_name = wp_specialchars( $user->first_name, 1);387 $user->last_name = wp_specialchars( $user->last_name, 1);388 $user->display_name = wp_specialchars( $user->display_name, 1);389 $user->nickname = wp_specialchars( $user->nickname, 1);390 $user->aim = wp_specialchars( $user->aim, 1);391 $user->yim = wp_specialchars( $user->yim, 1);392 $user->jabber = wp_specialchars( $user->jabber, 1);383 $user->user_login = attribute_escape( $user->user_login); 384 $user->user_email = attribute_escape( $user->user_email); 385 $user->user_url = attribute_escape( $user->user_url); 386 $user->first_name = attribute_escape( $user->first_name); 387 $user->last_name = attribute_escape( $user->last_name); 388 $user->display_name = attribute_escape( $user->display_name); 389 $user->nickname = attribute_escape( $user->nickname); 390 $user->aim = attribute_escape( $user->aim); 391 $user->yim = attribute_escape( $user->yim); 392 $user->jabber = attribute_escape( $user->jabber); 393 393 $user->description = wp_specialchars( $user->description ); 394 394 … … 528 528 $link = get_link( $link_id ); 529 529 530 $link->link_url = wp_specialchars( $link->link_url, 1);531 $link->link_name = wp_specialchars( $link->link_name, 1);532 $link->link_image = wp_specialchars( $link->link_image, 1);533 $link->link_description = wp_specialchars( $link->link_description, 1);
