Changeset 5543 for trunk/wp-admin/edit-page-form.php

Timestamp:

05/25/07 09:41:04 (2 years ago)

Author:

ryan

Message:

attribute_escape()s and int casts. see #4333

Files:

• trunk/wp-admin/edit-page-form.php (modified) (6 diffs)

trunk/wp-admin/edit-page-form.php

@@ -3 +3 @@
-<h2 id="write-post"><?php _e('Write Page'); ?></h2>
-<?php
+
-if (0 == $post_ID) {
-    $form_action = 'post';
@@ -9 +10 @@
-    $form_extra = "<input type='hidden' id='post_ID' name='temp_ID' value='$temp_ID' />";
-} else {
+    $post_ID = (int) $post_ID;
-    $form_action = 'editpost';
-    $nonce_action = 'update-page_' . $post_ID;
-    $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />";
-}
+
+$temp_ID = (int) $temp_ID;
+$user_ID = (int) $user_ID;
-
-$sendto = clean_url(stripslashes(wp_get_referer()));
@@ -69 +74 @@
-<fieldset id="passworddiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Page Password') ?></h3>
-$post->post_password
+attribute_escape( $post->post_password );
-</fieldset>
-
@@ -94 +99 @@
-<fieldset id="slugdiv" class="dbx-box">
-<h3 class="dbx-handle"><?php _e('Page Slug') ?></h3>
-$post->post_name
+attribute_escape( $post->post_name );
-</fieldset>
-
@@ -107 +112 @@
-if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
-else $selected = '';
+$o->ID = (int) $o->ID;
+$o->display_name = wp_specialchars( $o->display_name );
-echo "<option value='$o->ID' $selected>$o->display_name</option>";
-endforeach;
@@ -127 +134 @@
-<fieldset id="titlediv">
-  <legend><?php _e('Page Title') ?></legend>
-$post->post_title
+attribute_escape( $post->post_title )
-</fieldset>
-