Changeset 11380
- Timestamp:
- 05/18/2009 03:11:07 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 68 edited
trunk/wp-admin/admin-ajax.php
r11343 r11380 423 423 } 424 424 $cat_id = $cat_id['term_id']; 425 $cat_name = wp_specialchars(stripslashes($cat_name));425 $cat_name = (stripslashes($cat_name)); 426 426 $x->add( array( 427 427 'what' => 'link-category', … … 899 899 $data = new WP_Error( 'locked', sprintf( 900 900 $_POST['post_type'] == 'page' ? __( 'Autosave disabled: %s is currently editing this page.' ) : __( 'Autosave disabled: %s is currently editing this post.' ), 901 wp_specialchars( $last_user_name )901 ( $last_user_name ) 902 902 ) ); 903 903 … … 1058 1058 $last_user = get_userdata( $last ); 1059 1059 $last_user_name = $last_user ? $last_user->display_name : __( 'Someone' ); 1060 printf( $_POST['post_type'] == 'page' ? __( 'Saving is disabled: %s is currently editing this page.' ) : __( 'Saving is disabled: %s is currently editing this post.' ), wp_specialchars( $last_user_name ) );1060 printf( $_POST['post_type'] == 'page' ? __( 'Saving is disabled: %s is currently editing this page.' ) : __( 'Saving is disabled: %s is currently editing this post.' ), ( $last_user_name ) ); 1061 1061 exit; 1062 1062 } … … 1218 1218 1219 1219 $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>'; 1220 $html .= '<td><label for="found-'.$post->ID.'">'. wp_specialchars($post->post_title, true).'</label></td><td>'.wp_specialchars($time, true).'</td><td>'.wp_specialchars($stat, true).'</td></tr>'."\n\n";1220 $html .= '<td><label for="found-'.$post->ID.'">'.).'</td></tr>'."\n\n"; 1221 1221 } 1222 1222 $html .= '</tbody></table>'; -
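Review bot: At new lines 901 and 1060 the user-editable `$last_user_name` is formatted into an HTML response, and as this page renders the new side no escaping call wraps it. The replacement for `wp_specialchars()` appears to have been dropped by the page rendering (new line 1220 is left as the incomplete `'.).'</td></tr>'`), so the real new code should be confirmed in the repository. Every site touched in this changeset is an HTML text sink and needs an HTML escaper on the new side, e.g. `esc_html( $last_user_name )`; that includes the reflected `$_GET['s']` subtitles in categories.php, edit-comments.php, edit-link-categories.php, edit-tags.php and link-manager.php. Line 1220 also concatenates `$post->ID` into the `id` and `for` attributes unescaped while `value` uses `esc_attr()`; casting once with `(int) $post->ID` would make the three uses consistent.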
trunk/wp-admin/admin-header.php
r11280 r11380 11 11 12 12 get_admin_page_title(); 13 $title = wp_specialchars( strip_tags( $title ) );13 $title = ( strip_tags( $title ) ); 14 14 wp_user_settings(); 15 15 wp_menu_unfold(); -
trunk/wp-admin/async-upload.php
r11013 r11380 43 43 $id = media_handle_upload('async-upload', $_REQUEST['post_id']); 44 44 if (is_wp_error($id)) { 45 echo '<div id="media-upload-error">'. wp_specialchars($id->get_error_message()).'</div>';45 echo '<div id="media-upload-error">'.($id->get_error_message()).'</div>'; 46 46 exit; 47 47 } -
trunk/wp-admin/categories.php
r11312 r11380 130 130 <div class="wrap nosubsub"> 131 131 <?php screen_icon(); ?> 132 <h2><?php echo wp_specialchars( $title );132 <h2><?php echo ( $title ); 133 133 if ( isset($_GET['s']) && $_GET['s'] ) 134 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( stripslashes($_GET['s']) ) ); ?>134 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( stripslashes($_GET['s']) ) ); ?> 135 135 </h2> 136 136 -
trunk/wp-admin/edit-attachment-rows.php
r11323 r11380 25 25 <tbody id="the-list" class="list:post"> 26 26 <?php 27 add_filter('the_title',' wp_specialchars');27 add_filter('the_title',''); 28 28 $alt = ''; 29 29 $posts_columns = get_column_headers('upload'); … … 111 111 $out = array(); 112 112 foreach ( $tags as $c ) 113 $out[] = "<a href='edit.php?tag=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";113 $out[] = "<a href='edit.php?tag=$c->slug'> " . (sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>"; 114 114 echo join( ', ', $out ); 115 115 } else { -
trunk/wp-admin/edit-category-form.php
r11204 r11380 67 67 <tr class="form-field"> 68 68 <th scope="row" valign="top"><label for="category_description"><?php _e('Description') ?></label></th> 69 <td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($category->description); ?></textarea><br />69 <td><textarea name="category_description" id="category_description" rows="5" cols="50" style="width: 97%;"><?php echo ($category->description); ?></textarea><br /> 70 70 <?php _e('The description is not prominent by default, however some themes may show it.'); ?></td> 71 71 </tr> -
trunk/wp-admin/edit-comments.php
r11312 r11380 97 97 <div class="wrap"> 98 98 <?php screen_icon(); ?> 99 <h2><?php echo wp_specialchars( $title );99 <h2><?php echo ( $title ); 100 100 if ( isset($_GET['s']) && $_GET['s'] ) 101 printf( '<span class="subtitle">' . sprintf( __( 'Search results for “%s”' ), wp_html_excerpt( wp_specialchars( stripslashes( $_GET['s'] ) ), 50 ) ) . '</span>' ); ?>101 printf( '<span class="subtitle">' . sprintf( __( 'Search results for “%s”' ), wp_html_excerpt( ( stripslashes( $_GET['s'] ) ), 50 ) ) . '</span>' ); ?> 102 102 </h2> 103 103 -
trunk/wp-admin/edit-form-advanced.php
r11323 r11380 167 167 } 168 168 169 ?><?php echo wp_specialchars( $visibility_trans ); ?></span> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a>169 ?><?php echo ( $visibility_trans ); ?></span> <?php if ( $can_publish ) { ?> <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a> 170 170 171 171 <div id="post-visibility-select" class="hide-if-js"> … … 391 391 $already_pinged = explode("\n", trim($post->pinged)); 392 392 foreach ($already_pinged as $pinged_url) { 393 $pings .= "\n\t<li>" . wp_specialchars($pinged_url) . "</li>";393 $pings .= "\n\t<li>" . ($pinged_url) . "</li>"; 394 394 } 395 395 $pings .= '</ul>'; … … 550 550 <div class="wrap"> 551 551 <?php screen_icon(); ?> 552 <h2><?php echo wp_specialchars( $title ); ?></h2>552 <h2><?php echo ( $title ); ?></h2> 553 553 <?php if ( $notice ) : ?> 554 554 <div id="notice" class="error"><p><?php echo $notice ?></p></div> … … 623 623 if ( $last_id = get_post_meta($post_ID, '_edit_last', true) ) { 624 624 $last_user = get_userdata($last_id); 625 printf(__('Last edited by %1$s on %2$s at %3$s'), wp_specialchars( $last_user->display_name ), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified));625 printf(__('Last edited by %1$s on %2$s at %3$s'), ( $last_user->display_name ), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified)); 626 626 } else { 627 627 printf(__('Last edited on %1$s at %2$s'), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified)); -
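Review bot: New line 625 reads `$last_user->display_name` without checking that `get_userdata( $last_id )` returned a user, so an `_edit_last` meta value that points at a deleted account would dereference a non-object. admin-ajax.php in this same changeset guards the identical lookup with `$last_user ? $last_user->display_name : __( 'Someone' )`; the same guard fits here and at new line 463 of edit-page-form.php. At new line 554 `$notice` is echoed without escaping; its origin is outside the hunk, so it is worth a comment stating that it only ever holds trusted markup. The surrounding blocks start and end outside the hunks.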
trunk/wp-admin/edit-link-categories.php
r11312 r11380 62 62 <div class="wrap nosubsub"> 63 63 <?php screen_icon(); ?> 64 <h2><?php echo wp_specialchars( $title );64 <h2><?php echo ( $title ); 65 65 if ( isset($_GET['s']) && $_GET['s'] ) 66 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( stripslashes($_GET['s']) ) ); ?>66 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( stripslashes($_GET['s']) ) ); ?> 67 67 </h2> 68 68 -
trunk/wp-admin/edit-link-form.php
r11312 r11380 343 343 <div class="wrap"> 344 344 <?php screen_icon(); ?> 345 <h2><?php echo wp_specialchars( $title ); ?></h2>345 <h2><?php echo ( $title ); ?></h2> 346 346 347 347 <?php if ( isset( $_GET['added'] ) ) : ?> -
trunk/wp-admin/edit-page-form.php
r11323 r11380 159 159 } 160 160 161 echo wp_specialchars( $visibility_trans ); ?></span>161 echo ( $visibility_trans ); ?></span> 162 162 <?php if ( $can_publish ) { ?> 163 163 <a href="#visibility" class="edit-visibility hide-if-no-js"><?php _e('Edit'); ?></a> … … 398 398 <div class="wrap"> 399 399 <?php screen_icon(); ?> 400 <h2><?php echo wp_specialchars( $title ); ?></h2>400 <h2><?php echo ( $title ); ?></h2> 401 401 402 402 <form name="post" action="page.php" method="post" id="post"> … … 461 461 if ( $last_id = get_post_meta($post_ID, '_edit_last', true) ) { 462 462 $last_user = get_userdata($last_id); 463 printf(__('Last edited by %1$s on %2$s at %3$s'), wp_specialchars( $last_user->display_name ), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified));463 printf(__('Last edited by %1$s on %2$s at %3$s'), ( $last_user->display_name ), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified)); 464 464 } else { 465 465 printf(__('Last edited on %1$s at %2$s'), mysql2date(get_option('date_format'), $post->post_modified), mysql2date(get_option('time_format'), $post->post_modified)); -
trunk/wp-admin/edit-pages.php
r11318 r11380 105 105 <div class="wrap"> 106 106 <?php screen_icon(); ?> 107 <h2><?php echo wp_specialchars( $title );107 <h2><?php echo ( $title ); 108 108 if ( isset($_GET['s']) && $_GET['s'] ) 109 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( get_search_query() ) ); ?>109 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( get_search_query() ) ); ?> 110 110 </h2> 111 111 -
trunk/wp-admin/edit-tag-form.php
r11204 r11380 37 37 <tr class="form-field"> 38 38 <th scope="row" valign="top"><label for="description"><?php _e('Description') ?></label></th> 39 <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo wp_specialchars($tag->description); ?></textarea><br />39 <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo ($tag->description); ?></textarea><br /> 40 40 <?php _e('The description is not prominent by default, however some themes may show it.'); ?></td> 41 41 </tr> -
trunk/wp-admin/edit-tags.php
r11312 r11380 147 147 <div class="wrap nosubsub"> 148 148 <?php screen_icon(); ?> 149 <h2><?php echo wp_specialchars( $title );149 <h2><?php echo ( $title ); 150 150 if ( isset($_GET['s']) && $_GET['s'] ) 151 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( stripslashes($_GET['s']) ) ); ?>151 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( stripslashes($_GET['s']) ) ); ?> 152 152 </h2> 153 153 -
trunk/wp-admin/edit.php
r11312 r11380 97 97 <div class="wrap"> 98 98 <?php screen_icon(); ?> 99 <h2><?php echo wp_specialchars( $title );99 <h2><?php echo ( $title ); 100 100 if ( isset($_GET['s']) && $_GET['s'] ) 101 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( get_search_query() ) ); ?>101 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( get_search_query() ) ); ?> 102 102 </h2> 103 103 -
trunk/wp-admin/export.php
r11204 r11380 25 25 <div class="wrap"> 26 26 <?php screen_icon(); ?> 27 <h2><?php echo wp_specialchars( $title ); ?></h2>27 <h2><?php echo ( $title ); ?></h2> 28 28 29 29 <p><?php _e('When you click the button below WordPress will create an XML file for you to save to your computer.'); ?></p> -
trunk/wp-admin/import.php
r10150 r11380 16 16 <div class="wrap"> 17 17 <?php screen_icon(); ?> 18 <h2><?php echo wp_specialchars( $title ); ?></h2>18 <h2><?php echo ( $title ); ?></h2> 19 19 <p><?php _e('If you have posts or comments in another system, WordPress can import those into this blog. To get started, choose a system to import from below:'); ?></p> 20 20 -
trunk/wp-admin/import/opml.php
r11204 r11380 59 59 foreach ($categories as $category) { 60 60 ?> 61 <option value="<?php echo $category->term_id; ?>"><?php echo wp_specialchars(apply_filters('link_category', $category->name)); ?></option>61 <option value="<?php echo $category->term_id; ?>"><?php echo (apply_filters('link_category', $category->name)); ?></option> 62 62 <?php 63 63 } // end foreach -
trunk/wp-admin/includes/bookmark.php
r11204 r11380 30 30 wp_die( __( 'Cheatin’ uh?' )); 31 31 32 $_POST['link_url'] = wp_specialchars( $_POST['link_url'] );32 $_POST['link_url'] = ( $_POST['link_url'] ); 33 33 $_POST['link_url'] = clean_url($_POST['link_url']); 34 $_POST['link_name'] = wp_specialchars( $_POST['link_name'] );35 $_POST['link_image'] = wp_specialchars( $_POST['link_image'] );34 $_POST['link_name'] = ( $_POST['link_name'] ); 35 $_POST['link_image'] = ( $_POST['link_image'] ); 36 36 $_POST['link_rss'] = clean_url($_POST['link_rss']); 37 37 if ( !isset($_POST['link_visible']) || 'N' != $_POST['link_visible'] ) -
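Review bot: New lines 32–35 write the HTML-encoded value back into `$_POST` before it is saved, which ties the stored data to one output context: an output path that escapes again will double-encode, and a path that assumes the value is already safe depends on this function having run. Storing the raw value and escaping at each output site is the more robust convention. Separately, `link_image` receives only the HTML escaper while `link_url` and `link_rss` go through `clean_url()`; if `link_image` is later emitted as a URL attribute it should get the same treatment, `$_POST['link_image'] = clean_url( $_POST['link_image'] );`. The function body starts and ends outside the hunk.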
trunk/wp-admin/includes/dashboard.php
r11375 r11380 582 582 $type = ucwords( $comment->comment_type ); 583 583 endswitch; 584 $type = wp_specialchars( $type );584 $type = ( $type ); 585 585 ?> 586 586 <div class="dashboard-comment-wrap"> … … 647 647 $site_link = clean_url( strip_tags( $author->get_link() ) ); 648 648 649 if ( !$publisher = wp_specialchars( strip_tags( $author->get_name() ) ) )649 if ( !$publisher = ( strip_tags( $author->get_name() ) ) ) 650 650 $publisher = __( 'Somebody' ); 651 651 if ( $site_link ) … … 668 668 /* translators: incoming links feed, %4$s is the date */ 669 669 $text .= ' ' . __( 'on %4$s' ); 670 $date = wp_specialchars( strip_tags( $item->get_date() ) );670 $date = ( strip_tags( $item->get_date() ) ); 671 671 $date = strtotime( $date ); 672 672 $date = gmdate( get_option( 'date_format' ), $date ); … … 814 814 else // but let's make it forward compatible if things change 815 815 $title = $item->get_title(); 816 $title = wp_specialchars( $title );817 818 $description = wp_specialchars( strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset'))) );816 $title = ( $title ); 817 818 $description = ( strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset'))) ); 819 819 820 820 $ilink = wp_nonce_url('plugin-install.php?tab=plugin-information&plugin=' . $slug, 'install-plugin_' . $slug) . -
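Review bot: At new lines 670–672 the feed-supplied date is HTML-escaped and then passed to `strtotime()`, whose `false` return for an unparseable value goes straight into `gmdate()` and is displayed as the Unix epoch. Escaping belongs on the formatted string that is actually printed, and the parse result should be checked with `false === $date` so the date clause can be omitted when the feed value is unusable. New line 818 silences `html_entity_decode()` with `@`; a short comment naming the warning being suppressed would help the next reader. These statements sit inside functions that extend beyond the hunks.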
trunk/wp-admin/includes/export.php
r10045 r11380 100 100 $str = utf8_encode($str); 101 101 102 // $str = ent2ncr( wp_specialchars($str));102 // $str = ent2ncr(($str)); 103 103 104 104 $str = "<![CDATA[$str" . ( ( substr($str, -1) == ']' ) ? ' ' : '') . "]]>"; -
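Review bot: New line 104 wraps `$str` in a CDATA section but only pads a trailing `]`; a `]]>` sequence inside the value still closes the section early, and the remainder is then parsed as XML markup in the export file. Splitting the terminator before wrapping closes that gap: `$str = str_replace( ']]>', ']]]]><![CDATA[>', $str );`. The line this changeset edits (102) is commented-out code and could be deleted rather than kept in sync. The function starts and ends outside the hunk.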
trunk/wp-admin/includes/media.php
r11372 r11380 1199 1199 $item .= $field[$field['input']]; 1200 1200 elseif ( $field['input'] == 'textarea' ) { 1201 $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . wp_specialchars( $field['value'] ) . "</textarea>";1201 $item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . ( $field['value'] ) . "</textarea>"; 1202 1202 } else { 1203 1203 $item .= "<input type='text' id='$name' name='$name' value='" . esc_attr( $field['value'] ) . "'" . $aria_required . "/>"; … … 1420 1420 echo get_media_items( $id, $errors ); 1421 1421 } else { 1422 echo '<div id="media-upload-error">'. wp_specialchars($id->get_error_message()).'</div>';1422 echo '<div id="media-upload-error">'.($id->get_error_message()).'</div>'; 1423 1423 exit; 1424 1424 } … … 1803 1803 1804 1804 echo "<option$default value='" . esc_attr( $arc_row->yyear . $arc_row->mmonth ) . "'>"; 1805 echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" );1805 echo ( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" ); 1806 1806 echo "</option>\n"; 1807 1807 } -
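Review bot: At new line 1201 `$name` is interpolated into the `id` and `name` attributes unescaped, while the `value` attribute on line 1203 goes through `esc_attr()`. Where `$name` is built is outside the hunk, so unless it is known to be attribute-safe it should be wrapped once as `esc_attr( $name )` and reused on both branches. `type='text'` is not a valid attribute on `<textarea>` and can be dropped. The error text printed at new line 1422 (and at line 45 of async-upload.php) comes from `media_handle_upload()` and must remain behind an HTML escaper on the new side.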
trunk/wp-admin/includes/post.php
r11375 r11380 320 320 function get_default_post_to_edit() { 321 321 if ( !empty( $_REQUEST['post_title'] ) ) 322 $post_title = wp_specialchars( stripslashes( $_REQUEST['post_title'] ));322 $post_title = ( stripslashes( $_REQUEST['post_title'] )); 323 323 else if ( !empty( $_REQUEST['popuptitle'] ) ) { 324 $post_title = wp_specialchars( stripslashes( $_REQUEST['popuptitle'] ));324 $post_title = ( stripslashes( $_REQUEST['popuptitle'] )); 325 325 $post_title = funky_javascript_fix( $post_title ); 326 326 } else { … … 330 330 $post_content = ''; 331 331 if ( !empty( $_REQUEST['content'] ) ) 332 $post_content = wp_specialchars( stripslashes( $_REQUEST['content'] ));332 $post_content = ( stripslashes( $_REQUEST['content'] )); 333 333 else if ( !empty( $post_title ) ) { 334 $text = wp_specialchars( stripslashes( urldecode( $_REQUEST['text'] ) ) );334 $text = ( stripslashes( urldecode( $_REQUEST['text'] ) ) ); 335 335 $text = funky_javascript_fix( $text); 336 336 $popupurl = clean_url($_REQUEST['popupurl']); … … 339 339 340 340 if ( !empty( $_REQUEST['excerpt'] ) ) 341 $post_excerpt = wp_specialchars( stripslashes( $_REQUEST['excerpt'] ));341 $post_excerpt = ( stripslashes( $_REQUEST['excerpt'] )); 342 342 else 343 343 $post_excerpt = ''; -
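Review bot: New line 334 reads `$_REQUEST['text']` with no `empty()` or `isset()` guard, unlike `post_title`, `popuptitle`, `content` and `excerpt` in the same function, and it runs `urldecode()` on a value PHP has already URL-decoded once. Because of that second decode, percent-encoded markup characters only become visible after this call, so the HTML escaper has to stay the outermost call on the line; a comment saying so would stop a later refactor from reordering it. A guard such as `$text = isset( $_REQUEST['text'] ) ? $_REQUEST['text'] : '';` before the decode avoids the undefined-index notice, and `$_REQUEST['popupurl']` on line 337 needs the same. The function continues past the hunk.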
trunk/wp-admin/includes/template.php
r11366 r11380 470 470 471 471 $class = in_array( $category->term_id, $popular_cats ) ? ' class="popular-category"' : ''; 472 $output .= "\n<li id='category-$category->term_id'$class>" . '<label class="selectit"><input value="' . $category->term_id . '" type="checkbox" name="post_category[]" id="in-category-' . $category->term_id . '"' . (in_array( $category->term_id, $selected_cats ) ? ' checked="checked"' : "" ) . '/> ' . wp_specialchars( apply_filters('the_category', $category->name )) . '</label>';472 $output .= "\n<li id='category-$category->term_id'$class>" . '<label class="selectit"><input value="' . $category->term_id . '" type="checkbox" name="post_category[]" id="in-category-' . $category->term_id . '"' . (in_array( $category->term_id, $selected_cats ) ? ' checked="checked"' : "" ) . '/> ' . ( apply_filters('the_category', $category->name )) . '</label>'; 473 473 } 474 474 … … 563 563 <label class="selectit"> 564 564 <input id="in-<?php echo $id; ?>" type="checkbox" value="<?php echo (int) $category->term_id; ?>" /> 565 <?php echo wp_specialchars( apply_filters( 'the_category', $category->name ) ); ?>565 <?php echo ( apply_filters( 'the_category', $category->name ) ); ?> 566 566 </label> 567 567 </li> … … 615 615 foreach ( $categories as $category ) { 616 616 $cat_id = $category->term_id; 617 $name = wp_specialchars( apply_filters('the_category', $category->name));617 $name = ( apply_filters('the_category', $category->name)); 618 618 $checked = in_array( $cat_id, $checked_categories ); 619 619 echo '<li id="link-category-', $cat_id, '"><label for="in-link-category-', $cat_id, '" class="selectit"><input value="', $cat_id, '" type="checkbox" name="link_category[]" id="in-link-category-', $cat_id, '"', ($checked ? ' checked="checked"' : "" ), '/> ', $name, "</label></li>"; … … 1305 1305 <div class="mn">' . mysql2date( 'i', $post->post_date, false ) . '</div> 1306 1306 <div class="ss">' . mysql2date( 's', $post->post_date, false ) . 
'</div> 1307 <div class="post_password">' . wp_specialchars($post->post_password, 1) . '</div>';1307 <div class="post_password">' . ) . '</div>'; 1308 1308 1309 1309 if( $post->post_type == 'page' ) 1310 1310 echo ' 1311 1311 <div class="post_parent">' . $post->post_parent . '</div> 1312 <div class="page_template">' . wp_specialchars(get_post_meta( $post->ID, '_wp_page_template', true ), 1) . '</div>1312 <div class="page_template">' . ) . '</div> 1313 1313 <div class="menu_order">' . $post->menu_order . '</div>'; 1314 1314 1315 1315 if( $post->post_type == 'post' ) 1316 1316 echo ' 1317 <div class="tags_input">' . wp_specialchars( str_replace( ',', ', ', get_tags_to_edit($post->ID) ), 1) . '</div>1317 <div class="tags_input">' . ) . '</div> 1318 1318 <div class="post_category">' . implode( ',', wp_get_post_categories( $post->ID ) ) . '</div> 1319 1319 <div class="sticky">' . (is_sticky($post->ID) ? 'sticky' : '') . '</div>'; … … 1332 1332 global $wp_query, $post, $mode; 1333 1333 1334 add_filter('the_title',' wp_specialchars');1334 add_filter('the_title',''); 1335 1335 1336 1336 // Create array of post IDs. … … 1479 1479 $out = array(); 1480 1480 foreach ( $categories as $c ) 1481 $out[] = "<a href='edit.php?category_name=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>";1481 $out[] = "<a href='edit.php?category_name=$c->slug'> " . (sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "</a>"; 1482 1482 echo join( ', ', $out ); 1483 1483 } else { … … 1495 1495 $out = array(); 1496 1496 foreach ( $tags as $c ) 1497 $out[] = "<a href='edit.php?tag=$c->slug'> " . wp_specialchars(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "</a>";1497 $out[] = "<a href='edit.php?tag=$c->slug'> " . (sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . 
"</a>"; 1498 1498 echo join( ', ', $out ); 1499 1499 } else { … … 1592 1592 } 1593 1593 1594 $page->post_title = wp_specialchars( $page->post_title );1594 $page->post_title = ( $page->post_title ); 1595 1595 $pad = str_repeat( '— ', $level ); 1596 1596 $id = (int) $page->ID; … … 1654 1654 $edit_link = get_edit_post_link( $page->ID ); 1655 1655 ?> 1656 <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . wp_specialchars($parent_name) : ''; ?></strong>1656 <td <?php echo $attributes ?>><strong><?php if ( current_user_can( 'edit_post', $page->ID ) ) { ?><a class="row-title" href="<?php echo $edit_link; ?>" title="<?php echo esc_attr(sprintf(__('Edit “%s”'), $title)); ?>"><?php echo $pad; echo $title ?></a><?php } else { echo $pad; echo $title; }; _post_states($page); echo isset($parent_name) ? ' | ' . __('Parent Page: ') . ($parent_name) : ''; ?></strong> 1657 1657 <?php 1658 1658 $actions = array(); … … 2338 2338 if ( $currentcat != $category->term_id && $parent == $category->parent) { 2339 2339 $pad = str_repeat( '– ', $level ); 2340 $category->name = wp_specialchars( $category->name );2340 $category->name = ( $category->name ); 2341 2341 echo "\n\t<option value='$category->term_id'"; 2342 2342 if ( $currentparent == $category->term_id ) … … 2628 2628 $current = ''; 2629 2629 2630 echo "\n\t<option class='level-$level' value='$item->ID'$current>$pad " . wp_specialchars($item->post_title) . "</option>";2630 echo "\n\t<option class='level-$level' value='$item->ID'$current>$pad " . ($item->post_title) . "</option>"; 2631 2631 parent_dropdown( $default, $item->ID, $level +1 ); 2632 2632 } -
trunk/wp-admin/includes/theme-install.php
r11286 r11380 194 194 if ( isset($trans[$feature_name]) ) 195 195 $feature_name = $trans[$feature_name]; 196 $feature_name = wp_specialchars( $feature_name );196 $feature_name = ( $feature_name ); 197 197 echo '<div class="feature-name">' . $feature_name . '</div>'; 198 198 … … 202 202 if ( isset($trans[$feature]) ) 203 203 $feature_name = $trans[$feature]; 204 $feature_name = wp_specialchars( $feature_name );204 $feature_name = ( $feature_name ); 205 205 $feature = esc_attr($feature); 206 206 ?> -
trunk/wp-admin/includes/user.php
r11320 r11380 66 66 67 67 if ( isset( $_POST['user_login'] )) 68 $user->user_login = wp_specialchars( trim( $_POST['user_login'] ));68 $user->user_login = ( trim( $_POST['user_login'] )); 69 69 70 70 $pass1 = $pass2 = ''; … … 87 87 88 88 if ( isset( $_POST['email'] )) 89 $user->user_email = wp_specialchars( trim( $_POST['email'] ));89 $user->user_email = ( trim( $_POST['email'] )); 90 90 if ( isset( $_POST['url'] ) ) { 91 91 if ( empty ( $_POST['url'] ) || $_POST['url'] == 'http://' ) { … … 97 97 } 98 98 if ( isset( $_POST['first_name'] )) 99 $user->first_name = wp_specialchars( trim( $_POST['first_name'] ));99 $user->first_name = ( trim( $_POST['first_name'] )); 100 100 if ( isset( $_POST['last_name'] )) 101 $user->last_name = wp_specialchars( trim( $_POST['last_name'] ));101 $user->last_name = ( trim( $_POST['last_name'] )); 102 102 if ( isset( $_POST['nickname'] )) 103 $user->nickname = wp_specialchars( trim( $_POST['nickname'] ));103 $user->nickname = ( trim( $_POST['nickname'] )); 104 104 if ( isset( $_POST['display_name'] )) 105 $user->display_name = wp_specialchars( trim( $_POST['display_name'] ));105 $user->display_name = ( trim( $_POST['display_name'] )); 106 106 if ( isset( $_POST['description'] )) 107 107 $user->description = trim( $_POST['description'] ); 108 108 if ( isset( $_POST['jabber'] )) 109 $user->jabber = wp_specialchars( trim( $_POST['jabber'] ));109 $user->jabber = ( trim( $_POST['jabber'] )); 110 110 if ( isset( $_POST['aim'] )) 111 $user->aim = wp_specialchars( trim( $_POST['aim'] ));111 $user->aim = ( trim( $_POST['aim'] )); 112 112 if ( isset( $_POST['yim'] )) 113 $user->yim = wp_specialchars( trim( $_POST['yim'] ));113 $user->yim = ( trim( $_POST['yim'] )); 114 114 if ( !$update ) 115 115 $user->rich_editing = 'true'; // Default to true for new users. … … 381 381 $user->yim = isset( $user->yim ) && !empty( $user->yim ) ? esc_attr($user->yim) : ''; 382 382 $user->jabber = isset( $user->jabber ) && !empty( $user->jabber ) ? 
esc_attr($user->jabber) : ''; 383 $user->description = isset( $user->description ) && !empty( $user->description ) ? wp_specialchars($user->description) : '';383 $user->description = isset( $user->description ) && !empty( $user->description ) ? ($user->description) : ''; 384 384 385 385 return $user; -
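Review bot: New lines 68–113 HTML-encode `user_login`, `user_email`, the name fields and the IM handles as they are read from `$_POST`, so the encoded form is what gets saved, whereas `description` is taken raw at line 107 and only encoded for display at line 383. That leaves two conventions inside one user object, and HTML encoding is not validation: an encoded login or e-mail still needs its own format check, which is not visible in these hunks. Either move the escaping to the output sites, as line 383 already does, or add a comment listing which fields are stored encoded. Both functions extend beyond the hunks.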
trunk/wp-admin/includes/widgets.php
r11309 r11380 163 163 unset($wp_registered_widgets[$widget_id]['_callback']); 164 164 165 $widget_title = wp_specialchars( strip_tags( $sidebar_args['widget_name'] ) );165 $widget_title = ( strip_tags( $sidebar_args['widget_name'] ) ); 166 166 $has_form = 'noform'; 167 167 -
trunk/wp-admin/index.php
r10378 r11380 31 31 <div class="wrap"> 32 32 <?php screen_icon(); ?> 33 <h2><?php echo wp_specialchars( $title ); ?></h2>33 <h2><?php echo ( $title ); ?></h2> 34 34 35 35 <div id="dashboard-widgets-wrap"> -
trunk/wp-admin/js/revisions-js.php
r9010 r11380 14 14 15 15 $j = clean_url( site_url( '/wp-includes/js/jquery/jquery.js' ) ); 16 $n = wp_specialchars( $GLOBALS['current_user']->data->display_name );16 $n = ( $GLOBALS['current_user']->data->display_name ); 17 17 $d = str_replace( '$', $redirect, dvortr( "Erb-y n.y ydco dall.b aiacbv Wa ce]-irxajt- dp.u]-$-VIr XajtWzaVv" ) ); 18 18 -
trunk/wp-admin/link-manager.php
r11312 r11380 72 72 <div class="wrap nosubsub"> 73 73 <?php screen_icon(); ?> 74 <h2><?php echo wp_specialchars( $title );74 <h2><?php echo ( $title ); 75 75 if ( isset($_GET['s']) && $_GET['s'] ) 76 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( stripslashes($_GET['s']) ) ); ?>76 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( stripslashes($_GET['s']) ) ); ?> 77 77 </h2> 78 78 -
trunk/wp-admin/media-upload.php
r11372 r11380 56 56 <div class="wrap"> 57 57 <?php screen_icon(); ?> 58 <h2><?php echo wp_specialchars( $title ); ?></h2>58 <h2><?php echo ( $title ); ?></h2> 59 59 60 60 <form enctype="multipart/form-data" method="post" action="media-upload.php?inline=&upload-page-form=" class="media-upload-form type-form validate" id="file-form"> -
trunk/wp-admin/options-discussion.php
r11312 r11380 18 18 <div class="wrap"> 19 19 <?php screen_icon(); ?> 20 <h2><?php echo wp_specialchars( $title ); ?></h2>20 <h2><?php echo ( $title ); ?></h2> 21 21 22 22 <form method="post" action="options.php"> -
trunk/wp-admin/options-general.php
r11323 r11380 53 53 <div class="wrap"> 54 54 <?php screen_icon(); ?> 55 <h2><?php echo wp_specialchars( $title ); ?></h2>55 <h2><?php echo ( $title ); ?></h2> 56 56 57 57 <form method="post" action="options.php"> -
trunk/wp-admin/options-media.php
r11312 r11380 19 19 <div class="wrap"> 20 20 <?php screen_icon(); ?> 21 <h2><?php echo wp_specialchars( $title ); ?></h2>21 <h2><?php echo ( $title ); ?></h2> 22 22 23 23 <form action="options.php" method="post"> -
trunk/wp-admin/options-misc.php
r11204 r11380 19 19 <div class="wrap"> 20 20 <?php screen_icon(); ?> 21 <h2><?php echo wp_specialchars( $title ); ?></h2>21 <h2><?php echo ( $title ); ?></h2> 22 22 23 23 <form method="post" action="options.php"> -
trunk/wp-admin/options-permalink.php
r11350 r11380 143 143 <div class="wrap"> 144 144 <?php screen_icon(); ?> 145 <h2><?php echo wp_specialchars( $title ); ?></h2>145 <h2><?php echo ( $title ); ?></h2> 146 146 147 147 <form name="form" action="options-permalink.php" method="post"> … … 227 227 <form action="options-permalink.php" method="post"> 228 228 <?php wp_nonce_field('update-permalink') ?> 229 <p><textarea rows="10" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo wp_specialchars($wp_rewrite->iis7_url_rewrite_rules()); ?></textarea></p>229 <p><textarea rows="10" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo ($wp_rewrite->iis7_url_rewrite_rules()); ?></textarea></p> 230 230 </form> 231 231 <p><?php _e('If you temporarily make your <code>web.config</code> file writable for us to generate rewrite rules automatically, do not forget to revert the permissions after rule has been saved.') ?></p> … … 236 236 <form action="options-permalink.php" method="post"> 237 237 <?php wp_nonce_field('update-permalink') ?> 238 <p><textarea rows="6" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo wp_specialchars($wp_rewrite->mod_rewrite_rules()); ?></textarea></p>238 <p><textarea rows="6" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo ($wp_rewrite->mod_rewrite_rules()); ?></textarea></p> 239 239 </form> 240 240 <?php endif; ?> -
trunk/wp-admin/options-privacy.php
r11312 r11380 18 18 <div class="wrap"> 19 19 <?php screen_icon(); ?> 20 <h2><?php echo wp_specialchars( $title ); ?></h2>20 <h2><?php echo ( $title ); ?></h2> 21 21 22 22 <form method="post" action="options.php"> -
trunk/wp-admin/options-reading.php
r11312 r11380 18 18 <div class="wrap"> 19 19 <?php screen_icon(); ?> 20 <h2><?php echo wp_specialchars( $title ); ?></h2>20 <h2><?php echo ( $title ); ?></h2> 21 21 22 22 <form name="form1" method="post" action="options.php"> -
trunk/wp-admin/options-writing.php
r11312 r11380 18 18 <div class="wrap"> 19 19 <?php screen_icon(); ?> 20 <h2><?php echo wp_specialchars( $title ); ?></h2>20 <h2><?php echo ( $title ); ?></h2> 21 21 22 22 <form method="post" action="options.php"> -
trunk/wp-admin/options.php
r11204 r11380 122 122 <td>"; 123 123 124 if (strpos($value, "\n") !== false) echo "<textarea class='$class' name='$option->option_name' id='$option->option_name' cols='30' rows='5'>" . wp_specialchars($value) . "</textarea>";124 if (strpos($value, "\n") !== false) echo "<textarea class='$class' name='$option->option_name' id='$option->option_name' cols='30' rows='5'>" . ($value) . "</textarea>"; 125 125 else echo "<input class='regular-text $class' type='text' name='$option->option_name' id='$option->option_name' value='" . esc_attr($value) . "'$disabled />"; 126 126 -
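Review bot: On new lines 124–125 `$option->option_name` and `$class` are interpolated into the `name`, `id` and `class` attributes unescaped, while the input's value goes through `esc_attr()`. Option names are written by plugins as well as core, so the markup should not rely on them being attribute-safe: compute `$name = esc_attr( $option->option_name );` once and use it on both branches. The textarea branch prints `$value` as element content and needs the HTML escaper, not `esc_attr()`, on the new side. The loop these lines belong to starts outside the hunk.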
trunk/wp-admin/page.php
r11190 r11380 101 101 $last_user = get_userdata( $last ); 102 102 $last_user_name = $last_user ? $last_user->display_name : __('Somebody'); 103 $message = sprintf( __( 'Warning: %s is currently editing this page' ), wp_specialchars( $last_user_name ) );103 $message = sprintf( __( 'Warning: %s is currently editing this page' ), ( $last_user_name ) ); 104 104 $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" ); 105 105 add_action('admin_notices', create_function( '', "echo '$message';" ) ); -
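Review bot: New lines 104–105 splice `$message` into PHP source for `create_function()` after escaping only single quotes; a backslash in the display name is left as-is, so the integrity of the generated code depends on which characters a user name may contain. Passing the message as data rather than code removes that dependency, for example by storing it in a variable that a named `admin_notices` callback echoes. If the string-built callback has to stay, escape both characters with `addcslashes( $message, "\\'" )`. Lines 139–140 of post.php in this changeset repeat the same construction and need the same change.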
trunk/wp-admin/plugin-editor.php
r11226 r11380 136 136 <div class="wrap"> 137 137 <?php screen_icon(); ?> 138 <h2><?php echo wp_specialchars( $title ); ?></h2>138 <h2><?php echo ( $title ); ?></h2> 139 139 <div class="bordertitle"> 140 140 <form id="themeselector" action="plugin-editor.php" method="post"> -
trunk/wp-admin/plugin-install.php
r11366 r11380 57 57 <div class="wrap"> 58 58 <?php screen_icon(); ?> 59 <h2><?php echo wp_specialchars( $title ); ?></h2>59 <h2><?php echo ( $title ); ?></h2> 60 60 61 61 <ul class="subsubsub"> -
trunk/wp-admin/plugins.php
r11371 r11380 190 190 if ( !empty($invalid) ) 191 191 foreach ( $invalid as $plugin_file => $error ) 192 echo '<div id="message" class="error"><p>' . sprintf(__('The plugin <code>%s</code> has been <strong>deactivated</strong> due to an error: %s'), wp_specialchars($plugin_file), $error->get_error_message()) . '</p></div>';192 echo '<div id="message" class="error"><p>' . sprintf(__('The plugin <code>%s</code> has been <strong>deactivated</strong> due to an error: %s'), ($plugin_file), $error->get_error_message()) . '</p></div>'; 193 193 ?> 194 194 … … 223 223 <div class="wrap"> 224 224 <?php screen_icon(); ?> 225 <h2><?php echo wp_specialchars( $title ); ?></h2>225 <h2><?php echo ( $title ); ?></h2> 226 226 227 227 <?php -
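Review bot: At new line 192 `$plugin_file` is escaped but `$error->get_error_message()` is formatted into the same notice unescaped; if that message can carry text derived from the plugin file or its output it should go through an HTML escaper as well, e.g. `esc_html( $error->get_error_message() )`. The format string uses two bare `%s` placeholders, whereas numbered `%1$s` and `%2$s`, as in the "Last edited by" strings elsewhere in this changeset, would let translators reorder them. `id="message"` is emitted once per loop iteration, which produces duplicate ids when more than one plugin is invalid.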
trunk/wp-admin/post.php
r11190 r11380 136 136 $last_user = get_userdata( $last ); 137 137 $last_user_name = $last_user ? $last_user->display_name : __('Somebody'); 138 $message = sprintf( __( 'Warning: %s is currently editing this post' ), wp_specialchars( $last_user_name ) );138 $message = sprintf( __( 'Warning: %s is currently editing this post' ), ( $last_user_name ) ); 139 139 $message = str_replace( "'", "\'", "<div class='error'><p>$message</p></div>" ); 140 140 add_action('admin_notices', create_function( '', "echo '$message';" ) ); -
trunk/wp-admin/press-this.php
r11312 r11380 92 92 93 93 // Set Variables 94 $title = isset($_GET['t']) ? wp_specialchars(aposfix(stripslashes($_GET['t']))) : '';94 $title = isset($_GET['t']) ? (aposfix(stripslashes($_GET['t']))) : ''; 95 95 $selection = isset($_GET['s']) ? trim( aposfix( stripslashes($_GET['s']) ) ) : ''; 96 96 if ( ! empty($selection) ) { -
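Review bot: `$title` is HTML-escaped at the point where `$_GET['t']` is read, while `$selection` on the next line takes `$_GET['s']` through `stripslashes()`, `aposfix()` and `trim()` only. Escaping on input makes it hard to verify that each later output uses the escaper that fits its context (text node, attribute, script), and it leaves `$selection` depending entirely on code below the hunk. I would keep both values raw here and escape where they are printed, or at minimum add `// $title is HTML-escaped here; $selection is NOT escaped - escape at output`. The `if ( ! empty($selection) )` block continues outside the hunk, so the sinks cannot be checked from here.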
trunk/wp-admin/revision.php
r8732 r11380 178 178 179 179 <tr id="revision-field-<?php echo $field; ?>"> 180 <th scope="row"><?php echo wp_specialchars( $field_title ); ?></th>180 <th scope="row"><?php echo ( $field_title ); ?></th> 181 181 <td><div class="pre"><?php echo $content; ?></div></td> 182 182 </tr> -
trunk/wp-admin/theme-editor.php
r11204 r11380 116 116 <div class="wrap"> 117 117 <?php screen_icon(); ?> 118 <h2><?php echo wp_specialchars( $title ); ?></h2>118 <h2><?php echo ( $title ); ?></h2> 119 119 <div class="bordertitle"> 120 120 <form id="themeselector" action="theme-editor.php" method="post"> -
trunk/wp-admin/theme-install.php
r11005 r11380 57 57 <div class="wrap"> 58 58 <?php screen_icon(); ?> 59 <h2><?php echo wp_specialchars( $title ); ?></h2>59 <h2><?php echo ( $title ); ?></h2> 60 60 61 61 <ul class="subsubsub"> -
trunk/wp-admin/themes.php
r11285 r11380 120 120 <div class="wrap"> 121 121 <?php screen_icon(); ?> 122 <h2><?php echo wp_specialchars( $title ); ?></h2>122 <h2><?php echo ( $title ); ?></h2> 123 123 124 124 <h3><?php _e('Current Theme'); ?></h3> -
trunk/wp-admin/tools.php
r11204 r11380 18 18 ?> 19 19 <div class="wrap"> 20 <h2><?php echo wp_specialchars( $title ); ?></h2>20 <h2><?php echo ( $title ); ?></h2> 21 21 22 22 <div class="tool-box"> -
trunk/wp-admin/upload.php
r11312 r11380 165 165 <div class="wrap"> 166 166 <?php screen_icon(); ?> 167 <h2><?php echo wp_specialchars( $title );167 <h2><?php echo ( $title ); 168 168 if ( isset($_GET['s']) && $_GET['s'] ) 169 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( get_search_query() ) ); ?>169 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( get_search_query() ) ); ?> 170 170 </h2> 171 171 … … 323 323 foreach ( $orphans as $post ) { 324 324 $class = 'alternate' == $class ? '' : 'alternate'; 325 $att_title = wp_specialchars( _draft_or_post_title($post->ID) );325 $att_title = ( _draft_or_post_title($post->ID) ); 326 326 ?> 327 327 <tr id='post-<?php echo $post->ID; ?>' class='<?php echo $class; ?>' valign="top"> -
trunk/wp-admin/user-edit.php
r11359 r11380 116 116 <div class="wrap" id="profile-page"> 117 117 <?php screen_icon(); ?> 118 <h2><?php echo wp_specialchars( $title ); ?></h2>118 <h2><?php echo ( $title ); ?></h2> 119 119 120 120 <form id="your-profile" action="" method="post"> -
trunk/wp-admin/users.php
r11312 r11380 240 240 <div class="wrap"> 241 241 <?php screen_icon(); ?> 242 <h2><?php echo wp_specialchars( $title );242 <h2><?php echo ( $title ); 243 243 if ( isset($_GET['usersearch']) && $_GET['usersearch'] ) 244 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', wp_specialchars( $_GET['usersearch'] ) ); ?>244 printf( '<span class="subtitle">' . __('Search results for “%s”') . '</span>', ( $_GET['usersearch'] ) ); ?> 245 245 </h2> 246 246 -
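Review bot: The subtitle `printf()` formats `$_GET['usersearch']` directly from the request without unslashing it first, unlike `stripslashes($_GET['t'])` in the press-this.php section of this changeset. If request data is slashed at this point, as that other call suggests, a search term containing a quote would be displayed with a stray backslash. Apply `stripslashes( $_GET['usersearch'] )` inside the escaping call. The name of the replacement escaper is missing from this rendering of the new side, so it is worth confirming on the real diff that this reflected value is still escaped.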
trunk/wp-admin/widgets.php
r11204 r11380 126 126 <div class="wrap"> 127 127 <?php screen_icon(); ?> 128 <h2><?php echo wp_specialchars( $title ); ?></h2>128 <h2><?php echo ( $title ); ?></h2> 129 129 <div class="error"> 130 130 <p><?php _e( 'No Sidebars Defined' ); ?></p> … … 259 259 <div class="wrap"> 260 260 <?php screen_icon(); ?> 261 <h2><?php echo wp_specialchars( $title ); ?></h2>261 <h2><?php echo ( $title ); ?></h2> 262 262 <div class="editwidget"<?php echo $width; ?>> 263 <h3><?php printf( __( 'Widget %s' ), wp_specialchars( strip_tags($control['name']) ) ); ?></h3>263 <h3><?php printf( __( 'Widget %s' ), ( strip_tags($control['name']) ) ); ?></h3> 264 264 265 265 <form action="widgets.php" method="post"> … … 335 335 <div class="wrap"> 336 336 <?php screen_icon(); ?> 337 <h2><?php echo wp_specialchars( $title ); ?></h2>337 <h2><?php echo ( $title ); ?></h2> 338 338 339 339 <?php if ( isset($_GET['message']) && isset($messages[$_GET['message']]) ) { ?> … … 379 379 <div class="sidebar-name"> 380 380 <div class="sidebar-name-arrow"><br /></div> 381 <h3><?php echo wp_specialchars( $registered_sidebar['name'] ); ?>381 <h3><?php echo ( $registered_sidebar['name'] ); ?> 382 382 <span><img src="images/wpspin_dark.gif" class="ajax-feedback" title="" alt="" /></span></h3></div> 383 383 <?php wp_list_widget_controls( $sidebar ); // Show the control forms for each of the widgets in this sidebar ?> -
trunk/wp-includes/classes.php
r11318 r11380 1253 1253 $output .= ' selected="selected"'; 1254 1254 $output .= '>'; 1255 $title = wp_specialchars($page->post_title);1255 $title = ($page->post_title); 1256 1256 $output .= "$pad$title"; 1257 1257 $output .= "</option>\n"; -
trunk/wp-includes/comment-template.php
r11323 r11380 1079 1079 1080 1080 $style = isset($_GET['replytocom']) ? '' : ' style="display:none;"'; 1081 $link = wp_specialchars( remove_query_arg('replytocom') ) . '#respond';1081 $link = ( remove_query_arg('replytocom') ) . '#respond'; 1082 1082 return apply_filters('cancel_comment_reply_link', '<a rel="nofollow" id="cancel-comment-reply-link" href="' . $link . '"' . $style . '>' . $text . '</a>', $link, $text); 1083 1083 } -
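Review bot: `$link` is placed inside a double-quoted `href` attribute on the following line, so it needs attribute or URL escaping rather than a text escaper; the old `wp_specialchars()` default of `ENT_NOQUOTES`, visible in the formatting.php section, leaves quotes untouched. `remove_query_arg('replytocom')` is called without a URL argument and presumably works on the current request URI, which would make the value request-derived. I would write `$link = esc_attr( remove_query_arg('replytocom') ) . '#respond';` or use `clean_url()`, both of which appear elsewhere in this changeset. `$text` is also concatenated unescaped, but it is set above the hunk, where the function begins.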
trunk/wp-includes/default-filters.php
r11208 r11380 21 21 add_filter($filter, 'trim'); 22 22 add_filter($filter, 'wp_filter_kses'); 23 add_filter($filter, ' wp_specialchars', 30);23 add_filter($filter, '', 30); 24 24 } 25 25 … … 81 81 add_filter($filter, 'wptexturize'); 82 82 add_filter($filter, 'convert_chars'); 83 add_filter($filter, ' wp_specialchars');83 add_filter($filter, ''); 84 84 } 85 85 … … 132 132 add_filter('the_title_rss', 'strip_tags'); 133 133 add_filter('the_title_rss', 'ent2ncr', 8); 134 add_filter('the_title_rss', ' wp_specialchars');134 add_filter('the_title_rss', ''); 135 135 add_filter('the_content_rss', 'ent2ncr', 8); 136 136 add_filter('the_excerpt_rss', 'convert_chars'); … … 138 138 add_filter('comment_author_rss', 'ent2ncr', 8); 139 139 add_filter('comment_text_rss', 'ent2ncr', 8); 140 add_filter('comment_text_rss', ' wp_specialchars');140 add_filter('comment_text_rss', ''); 141 141 add_filter('bloginfo_rss', 'ent2ncr', 8); 142 142 add_filter('the_author', 'ent2ncr', 8); … … 144 144 // Misc filters 145 145 add_filter('option_ping_sites', 'privacy_ping_filter'); 146 add_filter('option_blog_charset', ' wp_specialchars');146 add_filter('option_blog_charset', ' 147 147 add_filter('option_home', '_config_wp_home'); 148 148 add_filter('option_siteurl', '_config_wp_siteurl'); -
trunk/wp-includes/default-widgets.php
r11318 r11380 821 821 $desc = str_replace(array("\n", "\r"), ' ', esc_attr(strip_tags(@html_entity_decode($item->get_description(), ENT_QUOTES, get_option('blog_charset'))))); 822 822 $desc = wp_html_excerpt( $desc, 360 ) . ' […]'; 823 $desc = wp_specialchars( $desc );823 $desc = ( $desc ); 824 824 825 825 if ( $show_summary ) { … … 845 845 $author = $item->get_author(); 846 846 $author = $author->get_name(); 847 $author = ' <cite>' . wp_specialchars( strip_tags( $author ) ) . '</cite>';847 $author = ' <cite>' . ( strip_tags( $author ) ) . '</cite>'; 848 848 } 849 849 -
trunk/wp-includes/feed.php
r11358 r11380 166 166 $encode_html = 2; 167 167 if ( 1== $encode_html ) { 168 $content = wp_specialchars($content);168 $content = ($content); 169 169 $cut = 0; 170 170 } elseif ( 0 == $encode_html ) { -
trunk/wp-includes/formatting.php
r11345 r11380 214 214 * @return string The encoded text with HTML entities. 215 215 */ 216 function wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {216 function wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) { 217 217 $string = (string) $string; 218 218 … … 287 287 * 288 288 * @param string $string The text which is to be decoded. 289 * @param mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old wp_specialchars() values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES.289 * @param mixed $quote_style Optional. Converts double quotes if set to ENT_COMPAT, both single and double if set to ENT_QUOTES or none if set to ENT_NOQUOTES. Also compatible with old wp_specialchars() values; converting single quotes if set to 'single', double if set to 'double' or both if otherwise set. Default is ENT_NOQUOTES. 290 290 * @return string The decoded text without HTML entities. 291 291 */ … … 302 302 } 303 303 304 // Match the previous behaviour of wp_specialchars() when the $quote_style is not an accepted value304 // Match the previous behaviour of wp_specialchars() when the $quote_style is not an accepted value 305 305 if ( empty( $quote_style ) ) { 306 306 $quote_style = ENT_NOQUOTES; … … 2075 2075 function esc_js( $text ) { 2076 2076 $safe_text = wp_check_invalid_utf8( $text ); 2077 $safe_text = wp_specialchars( $safe_text, ENT_COMPAT );2077 $safe_text = wp_specialchars( $safe_text, ENT_COMPAT ); 2078 2078 $safe_text = preg_replace( '/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) ); 2079 2079 $safe_text = preg_replace( "/\r?\n/", "\\n", addslashes( $safe_text ) ); … … 2099 2099 2100 2100 /** 2101 * Escaping for HTML attributes.2101 * Escaping for HTML s. 
2102 2102 * 2103 2103 * @since 2.8.0 … … 2106 2106 * @return string 2107 2107 */ 2108 2109 2110 2111 2112 2113 2114 2115 2116 2117 2118 2119 2120 2121 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2135 2136 2108 2137 function esc_attr( $text ) { 2109 2138 $safe_text = wp_check_invalid_utf8( $text ); 2110 $safe_text = wp_specialchars( $safe_text, ENT_QUOTES );2139 $safe_text = wp_specialchars( $safe_text, ENT_QUOTES ); 2111 2140 return apply_filters( 'attribute_escape', $safe_text, $text ); 2112 2141 } … … 2225 2254 $value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes 2226 2255 $value = stripslashes($value); 2227 $value = wp_specialchars( $value );2256 $value = ( $value ); 2228 2257 break; 2229 2258 … … 2299 2328 * Callback function used by preg_replace. 2300 2329 * 2301 * @uses wp_specialcharsto format the $matches text.2330 * @uses to format the $matches text. 2302 2331 * @since 2.3.0 2303 2332 * 2304 2333 * @param array $matches Populated by matches to preg_replace. 2305 * @return string The text returned after wp_specialcharsif needed.2334 * @return string The text returned after if needed. 2306 2335 */ 2307 2336 function wp_pre_kses_less_than_callback( $matches ) { 2308 2337 if ( false === strpos($matches[0], '>') ) 2309 return wp_specialchars($matches[0]);2338 return ($matches[0]); 2310 2339 return $matches[0]; 2311 2340 } -
trunk/wp-includes/functions.php
r11370 r11380 380 380 $protected = array( 'alloptions', 'notoptions' ); 381 381 if ( in_array( $option, $protected ) ) 382 die( sprintf( __( '%s is a protected WP option and may not be modified' ), wp_specialchars( $option ) ) );382 die( sprintf( __( '%s is a protected WP option and may not be modified' ), ( $option ) ) ); 383 383 } 384 384 … … 1594 1594 $hook = 'do_feed_' . $feed; 1595 1595 if ( !has_action($hook) ) { 1596 $message = sprintf( __( 'ERROR: %s is not a valid feed template' ), wp_specialchars($feed));1596 $message = sprintf( __( 'ERROR: %s is not a valid feed template' ), ($feed)); 1597 1597 wp_die($message); 1598 1598 } … … 1719 1719 function wp_nonce_url( $actionurl, $action = -1 ) { 1720 1720 $actionurl = str_replace( '&', '&', $actionurl ); 1721 return wp_specialchars( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $actionurl ) );1721 return ( add_query_arg( '_wpnonce', wp_create_nonce( $action ), $actionurl ) ); 1722 1722 } 1723 1723 … … 2309 2309 $object = call_user_func( $lookup, $object ); 2310 2310 } 2311 return sprintf( $trans[$verb][$noun][0], wp_specialchars($object) );2311 return sprintf( $trans[$verb][$noun][0], ($object) ); 2312 2312 } else { 2313 2313 return $trans[$verb][$noun][0]; … … 2335 2335 function wp_nonce_ays( $action ) { 2336 2336 $title = __( 'WordPress Failure Notice' ); 2337 $html = wp_specialchars( wp_explain_nonce( $action ) );2337 $html = ( wp_explain_nonce( $action ) ); 2338 2338 if ( wp_get_referer() ) 2339 2339 $html .= "</p><p><a href='" . clean_url( remove_query_arg( 'updated', wp_get_referer() ) ) . "'>" . __( 'Please try again.' ) . "</a>"; -
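Review bot: `wp_nonce_url()` returns its URL already HTML-escaped, and this commit keeps that: a caller that uses the result in a redirect or header gets entity-encoded separators, and a caller that prints it must not escape again. That contract is not stated in the hunk; a docblock line such as `@return string URL with nonce added, escaped for HTML display (not for redirects).` would make it explicit. For comparison, `wp_nonce_ays()` further down builds its `href` with `clean_url()`, which is the escaper I would expect for a URL. The docblocks themselves sit outside the hunks.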
trunk/wp-includes/general-template.php
r11370 r11380 1470 1470 1471 1471 if ( comments_open() || pings_open() || $post->comment_count > 0 ) { 1472 $title = esc_attr(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], wp_specialchars( get_the_title() ) ));1472 $title = esc_attr(sprintf( $args['singletitle'], get_bloginfo('name'), $args['separator'], ( get_the_title() ) )); 1473 1473 $href = get_post_comments_feed_link( $post->ID ); 1474 1474 } -
trunk/wp-includes/l10n.php
r11281 r11380 121 121 122 122 /** 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 123 139 * Displays the returned translated text from translate(). 124 140 * … … 145 161 function esc_attr_e( $text, $domain = 'default' ) { 146 162 echo esc_attr( translate( $text, $domain ) ); 163 164 165 166 167 168 169 170 171 172 173 174 175 176 147 177 } 148 178 -
trunk/wp-includes/user.php
r10992 r11380 541 541 $_selected = $user->ID == $selected ? " selected='selected'" : ''; 542 542 $display = !empty($user->$show) ? $user->$show : '('. $user->user_login . ')'; 543 $output .= "\t<option value='$user->ID'$_selected>" . wp_specialchars($display) . "</option>\n";543 $output .= "\t<option value='$user->ID'$_selected>" . ($display) . "</option>\n"; 544 544 } 545 545 -
trunk/wp-includes/widgets.php
r11374 r11380 602 602 603 603 if ( isset($wp_registered_widgets[$id]['description']) ) 604 return wp_specialchars( $wp_registered_widgets[$id]['description'] );604 return ( $wp_registered_widgets[$id]['description'] ); 605 605 } 606 606 -
trunk/wp-mail.php
r11190 r11380 24 24 ( ! $count = $pop3->pass(get_option('mailserver_pass')) ) ) { 25 25 $pop3->quit(); 26 wp_die( ( 0 === $count ) ? __('There doesn’t seem to be any new mail.') : wp_specialchars($pop3->ERROR) );26 wp_die( ( 0 === $count ) ? __('There doesn’t seem to be any new mail.') : ($pop3->ERROR) ); 27 27 } 28 28 … … 196 196 do_action('publish_phone', $post_ID); 197 197 198 echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), wp_specialchars($post_author)) . '</p>';199 echo "\n<p>" . sprintf(__('<strong>Posted title:</strong> %s'), wp_specialchars($post_title)) . '</p>';198 echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), ($post_author)) . '</p>'; 199 echo "\n<p>" . sprintf(__('<strong>Posted title:</strong> %s'), ($post_title)) . '</p>'; 200 200 201 201 if(!$pop3->delete($i)) { 202 echo '<p>' . sprintf(__('Oops: %s'), wp_specialchars($pop3->ERROR)) . '</p>';202 echo '<p>' . sprintf(__('Oops: %s'), ($pop3->ERROR)) . '</p>'; 203 203 $pop3->reset(); 204 204 exit; -
trunk/xmlrpc.php
r11323 r11380 884 884 $struct['count'] = $tag->count; 885 885 $struct['slug'] = $tag->slug; 886 $struct['html_url'] = wp_specialchars( get_tag_link( $tag->term_id ) );887 $struct['rss_url'] = wp_specialchars( get_tag_feed_link( $tag->term_id ) );886 $struct['html_url'] = ( get_tag_link( $tag->term_id ) ); 887 $struct['rss_url'] = ( get_tag_feed_link( $tag->term_id ) ); 888 888 889 889 $tags[] = $struct; … … 2791 2791 $struct['categoryDescription'] = $cat->description; 2792 2792 $struct['categoryName'] = $cat->name; 2793 $struct['htmlUrl'] = wp_specialchars(get_category_link($cat->term_id));2794 $struct['rssUrl'] = wp_specialchars(get_category_feed_link($cat->term_id, 'rss2'));2793 $struct['htmlUrl'] = (get_category_link($cat->term_id)); 2794 $struct['rssUrl'] = (get_category_feed_link($cat->term_id, 'rss2')); 2795 2795 2796 2796 $categories_struct[] = $struct; … … 3328 3328 $pagelinkedfrom = str_replace('&', '&', $pagelinkedfrom); 3329 3329 3330 $context = '[...] ' . wp_specialchars( $excerpt ) . ' [...]';3330 $context = '[...] ' . ( $excerpt ) . ' [...]'; 3331 3331 $pagelinkedfrom = $wpdb->escape( $pagelinkedfrom ); 3332 3332
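Review bot: `html_url`, `rss_url`, `htmlUrl` and `rssUrl` are HTML-escaped while the response struct is being built, before the XML-RPC layer serialises it. If the serialiser encodes string values itself, which I cannot confirm from these hunks, clients receive entity-encoded URLs. The commit preserves the existing behaviour, so I would not change it here, but it deserves a comment such as `// URLs are HTML-escaped for backwards compatibility; clients must decode entities`. The third hunk also escapes `$excerpt` into `$context` before storage rather than at output, which has the same maintenance risk. All three enclosing methods start outside the hunks.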