Navigation

edit-comments.php

Timestamp:

12/21/06 10:10:04 (2 years ago)

Author:

markjaquith

Message:

new function for escaping within attributes: attribute_escape()

Files:

r3945	r4656
8	8	require_once('admin-header.php');
9	9	if (empty($_GET['mode'])) $mode = 'view';
10		else $mode = ~~wp_specialchars($_GET['mode'], 1~~);
	10	else $mode = attribute_escape($_GET['mode']);
11	11	?>
12	12
…	…
31	31	<fieldset>
32	32	<legend><?php _e('Show Comments That Contain...') ?></legend>
33		<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo ~~wp_specialchars($_GET['s'], 1~~); ?>" size="17" />
	33	<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo attribute_escape($_GET['s']); ?>" size="17" />
34	34	<input type="submit" name="submit" value="<?php _e('Search') ?>" />
35	35	<input type="hidden" name="mode" value="<?php echo $mode; ?>" />