Changeset 8853

Timestamp:

09/09/08 19:08:22 (3 months ago)

Author:

markjaquith

Message:

Put aria-required in the proper place, and use htmlspecialchars for sanitizing textarea output. Props Mike Schinkel

Files:

• trunk/wp-admin/includes/media.php (modified) (1 diff)

trunk/wp-admin/includes/media.php

@@ -879 +879 @@
-            $item .= $field[$field['input']];
-        elseif ( $field['input'] == 'textarea' ) {
->" . attribute_escape( $field['value'] ) . $aria_required
+" . $aria_required . ">" . htmlspecialchars( $field['value'] )
-        } else {
-            $item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";