Changeset 5550 for branches/2.0/wp-admin/edit-page-form.php
- Timestamp:
- 05/25/07 22:33:48 (1 year ago)
- Files:
-
- branches/2.0/wp-admin/edit-page-form.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
branches/2.0/wp-admin/edit-page-form.php
r4656 r5550 10 10 $form_extra = "<input type='hidden' name='temp_ID' value='$temp_ID' />"; 11 11 } else { 12 $post_ID = (int) $post_ID; 12 13 $form_action = 'editpost'; 13 14 $nonce_action = 'update-post_' . $post_ID; 14 15 $form_extra = "<input type='hidden' id='post_ID' name='post_ID' value='$post_ID' />"; 15 16 } 17 18 $temp_ID = (int) $temp_ID; 19 $user_ID = (int) $user_ID; 16 20 17 21 $sendto = attribute_escape(wp_get_referer()); … … 61 65 <fieldset id="passworddiv" class="dbx-box"> 62 66 <h3 class="dbx-handle"><?php _e('Password-Protect Post') ?></h3> 63 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo $post->post_password?>" /></div>67 <div class="dbx-content"><input name="post_password" type="text" size="13" id="post_password" value="<?php echo attribute_escape($post->post_password); ?>" /></div> 64 68 </fieldset> 65 69 … … 86 90 <fieldset id="slugdiv" class="dbx-box"> 87 91 <h3 class="dbx-handle"><?php _e('Post slug') ?></h3> 88 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo $post->post_name?>" /></div>92 <div class="dbx-content"><input name="post_name" type="text" size="13" id="post_name" value="<?php echo attribute_escape($post->post_name); ?>" /></div> 89 93 </fieldset> 90 94 … … 99 103 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; 100 104 else $selected = ''; 105 $o->ID = (int) $o->ID; 106 $o->display_name = wp_specialchars( $o->display_name ); 101 107 echo "<option value='$o->ID' $selected>$o->display_name</option>"; 102 108 endforeach; … … 119 125 <fieldset id="titlediv"> 120 126 <legend><?php _e('Page Title') ?></legend> 121 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo $post->post_title; ?>" id="title" /></div>127 <div><input type="text" name="post_title" size="30" tabindex="1" value="<?php echo attribute_escape($post->post_title); ?>" id="title" /></div> 122 128 </fieldset> 123 129
