Ticket #1978 (closed defect: fixed)

Opened 3 years ago

Last modified 2 years ago

Quotes in post title make it into the title for comments_popup_link()

Reported by: Viper007Bond Assigned to: markjaquith
Priority: high Milestone: 2.1
Component: Administration Version: 2.0
Severity: major Keywords: bg|has-patch bg|commit
Cc: sjmurdoch

Description

If you have a post with quotes in it, they make it into the title for the comments_popup_link() link. This makes invalid code.

Example:

Post title = Announcing "Alphabetical Plugins"

Then this code: 

comments_popup_link('Comments Off', '1 Comment »', '% Comments »');

produces: 

<a href="http://www.viper007bond.com/archives/2005/11/27/announcing-alphabetical-plugins/#respond" title="Comment on Announcing "Alphabetical Plugins"">Comments Off</a>

Solution: htmlspecialchars() or wp_texturize() needs to be run on the post title before it's used.

Attachments

patch_texturizetitle.diff (0.5 kB) - added by abhay on 11/30/05 19:21:49.
wraps wptexturize() around $post_title
patch.diff (0.5 kB) - added by markjaquith on 02/16/06 02:24:43.

Change History

11/30/05 19:21:49 changed by abhay

  • attachment patch_texturizetitle.diff added.

wraps wptexturize() around $post_title

11/30/05 19:24:21 changed by abhay

Since you didn't attach the diff file yourself, I just did it for ya. Props to you for solution.

12/01/05 01:15:27 changed by Viper007Bond

Much appreciated. :) I don't have any SVN software or anything to make a diff file with, so... :/

12/09/05 04:48:46 changed by Viper007Bond

  • priority changed from normal to high.

12/20/05 02:01:11 changed by Viper007Bond

  • keywords set to bg|has-patch.

Not sure if wp_texturize() or htmlspecialchars() is the preferred thing for this BTW.

01/24/06 08:52:18 changed by sjmurdoch

  • cc set to sjmurdoch.

02/16/06 02:17:09 changed by markjaquith

  • keywords changed from bg|has-patch to bg|has-patch bg|commit.
  • owner changed from anonymous to markjaquith.
  • status changed from new to assigned.
  • milestone set to 2.1.

02/16/06 02:24:43 changed by markjaquith

  • attachment patch.diff added.

02/16/06 02:25:04 changed by markjaquith

My patch uses wp_specialchars()

03/14/06 08:28:45 changed by Viper007Bond

Yeah, that's best.

When I wrote this over 3 months ago, I wasn't aware of how to create patches and the function wp_specialchars(). I was such a noob. :D

03/15/06 15:36:43 changed by metallman

wp_specialchars needs to be called with a true second argument to actually replace quotes. Like this wp_specialchars($post->post_title, 1).

If this change is done to the patch, it works for me.

04/06/06 05:02:19 changed by thetorpedodog

I've got a different patch on ticket #2625 that uses applying the filters for the_title. It does all the fancy quote and dash nonsense and other things applied to post_title().

07/07/06 11:43:42 changed by Viper007Bond

  • status changed from assigned to closed.
  • resolution set to fixed.

Fixed via #2915 (about time!)