attribute_escape() and int-casting paranoia for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
6d0ac532e3
commit
08f237c227
|
@ -632,7 +632,7 @@ function get_media_item( $attachment_id, $args = null ) {
|
||||||
if ( isset($post_mime_types) ) {
|
if ( isset($post_mime_types) ) {
|
||||||
$keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type));
|
$keys = array_keys(wp_match_mime_types(array_keys($post_mime_types), $post->post_mime_type));
|
||||||
$type = array_shift($keys);
|
$type = array_shift($keys);
|
||||||
$type = "<input type='hidden' id='type-of-$attachment_id' value='$type' />";
|
$type = "<input type='hidden' id='type-of-$attachment_id' value='" . attribute_escape( $type ) . "' />";
|
||||||
}
|
}
|
||||||
|
|
||||||
$form_fields = get_attachment_fields_to_edit($post, $errors);
|
$form_fields = get_attachment_fields_to_edit($post, $errors);
|
||||||
|
@ -674,7 +674,7 @@ function get_media_item( $attachment_id, $args = null ) {
|
||||||
|
|
||||||
$delete_href = wp_nonce_url("post.php?action=delete-post&post=$attachment_id", 'delete-post_' . $attachment_id);
|
$delete_href = wp_nonce_url("post.php?action=delete-post&post=$attachment_id", 'delete-post_' . $attachment_id);
|
||||||
if ( $send )
|
if ( $send )
|
||||||
$send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . __('Insert into Post') . "' />";
|
$send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attribute_escape( __( 'Insert into Post' ) ) . "' />";
|
||||||
if ( $delete )
|
if ( $delete )
|
||||||
$delete = "<a href='$delete_href' id='del[$attachment_id]' disabled='disabled' class='delete'>" . __('Delete') . "</button>";
|
$delete = "<a href='$delete_href' id='del[$attachment_id]' disabled='disabled' class='delete'>" . __('Delete') . "</button>";
|
||||||
if ( ( $send || $delete ) && !isset($form_fields['buttons']) )
|
if ( ( $send || $delete ) && !isset($form_fields['buttons']) )
|
||||||
|
@ -707,9 +707,9 @@ function get_media_item( $attachment_id, $args = null ) {
|
||||||
if ( !empty($field[$field['input']]) )
|
if ( !empty($field[$field['input']]) )
|
||||||
$item .= $field[$field['input']];
|
$item .= $field[$field['input']];
|
||||||
elseif ( $field['input'] == 'textarea' ) {
|
elseif ( $field['input'] == 'textarea' ) {
|
||||||
$item .= "<textarea type='text' id='$name' name='$name'>" . wp_specialchars($field['value'], 1) . "</textarea>";
|
$item .= "<textarea type='text' id='$name' name='$name'>" . attribute_escape( $field['value'] ) . "</textarea>";
|
||||||
} else {
|
} else {
|
||||||
$item .= "<input type='text' id='$name' name='$name' value='" . wp_specialchars($field['value'], 1) . "' />";
|
$item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "' />";
|
||||||
}
|
}
|
||||||
if ( !empty($field['helps']) )
|
if ( !empty($field['helps']) )
|
||||||
$item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique((array) $field['helps']) ) . '</p>';
|
$item .= "<p class='help'>" . join( "</p>\n<p class='help'>", array_unique((array) $field['helps']) ) . '</p>';
|
||||||
|
@ -737,7 +737,7 @@ function get_media_item( $attachment_id, $args = null ) {
|
||||||
$item .= "\t</table>\n";
|
$item .= "\t</table>\n";
|
||||||
|
|
||||||
foreach ( $hidden_fields as $name => $value )
|
foreach ( $hidden_fields as $name => $value )
|
||||||
$item .= "\t<input type='hidden' name='$name' id='$name' value='" . wp_specialchars($value, 1) . "' />\n";
|
$item .= "\t<input type='hidden' name='$name' id='$name' value='" . attribute_escape( $value ) . "' />\n";
|
||||||
|
|
||||||
return $item;
|
return $item;
|
||||||
}
|
}
|
||||||
|
@ -765,7 +765,7 @@ function media_upload_form( $errors = null ) {
|
||||||
$post_id = intval($_REQUEST['post_id']);
|
$post_id = intval($_REQUEST['post_id']);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<input type='hidden' name='post_id' value='<?php echo $post_id; ?>' />
|
<input type='hidden' name='post_id' value='<?php echo (int) $post_id; ?>' />
|
||||||
<div id="media-upload-notice">
|
<div id="media-upload-notice">
|
||||||
<?php if (isset($errors['upload_notice']) ) { ?>
|
<?php if (isset($errors['upload_notice']) ) { ?>
|
||||||
<?php echo $errors['upload_notice']; ?>
|
<?php echo $errors['upload_notice']; ?>
|
||||||
|
@ -817,7 +817,7 @@ jQuery(function($){
|
||||||
|
|
||||||
<div id="flash-upload-ui">
|
<div id="flash-upload-ui">
|
||||||
<?php do_action('pre-flash-upload-ui'); ?>
|
<?php do_action('pre-flash-upload-ui'); ?>
|
||||||
<p><input id="flash-browse-button" type="button" value="<?php _e('Choose files to upload'); ?>" class="button" /></p>
|
<p><input id="flash-browse-button" type="button" value="<?php echo attribute_escape( __( 'Choose files to upload' ) ); ?>" class="button" /></p>
|
||||||
<?php do_action('post-flash-upload-ui'); ?>
|
<?php do_action('post-flash-upload-ui'); ?>
|
||||||
<p class="howto"><?php _e('After a file has been uploaded, you can add titles and descriptions.'); ?></p>
|
<p class="howto"><?php _e('After a file has been uploaded, you can add titles and descriptions.'); ?></p>
|
||||||
</div>
|
</div>
|
||||||
|
@ -829,7 +829,7 @@ jQuery(function($){
|
||||||
<p>
|
<p>
|
||||||
<input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onClick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
|
<input type="file" name="async-upload" id="async-upload" /> <input type="submit" class="button" name="html-upload" value="<?php echo attribute_escape(__('Upload')); ?>" /> <a href="#" onClick="return top.tb_remove();"><?php _e('Cancel'); ?></a>
|
||||||
</p>
|
</p>
|
||||||
<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
|
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
|
||||||
<br class="clear" />
|
<br class="clear" />
|
||||||
<?php if ( is_lighttpd_before_150() ): ?>
|
<?php if ( is_lighttpd_before_150() ): ?>
|
||||||
<p><?php _e('If you want to use all capabilities of the uploader, like uploading multiple files at once, please upgrade to lighttpd 1.5.'); ?></p>
|
<p><?php _e('If you want to use all capabilities of the uploader, like uploading multiple files at once, please upgrade to lighttpd 1.5.'); ?></p>
|
||||||
|
@ -852,7 +852,7 @@ function media_upload_type_form($type = 'file', $errors = null, $id = null) {
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
|
<form enctype="multipart/form-data" method="post" action="<?php echo attribute_escape($form_action_url); ?>" class="media-upload-form type-form validate" id="<?php echo $type; ?>-form">
|
||||||
<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
|
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
|
||||||
<?php wp_nonce_field('media-form'); ?>
|
<?php wp_nonce_field('media-form'); ?>
|
||||||
<h3><?php _e('From Computer'); ?></h3>
|
<h3><?php _e('From Computer'); ?></h3>
|
||||||
<?php media_upload_form( $errors ); ?>
|
<?php media_upload_form( $errors ); ?>
|
||||||
|
@ -872,7 +872,7 @@ jQuery(function($){
|
||||||
<div id="media-items">
|
<div id="media-items">
|
||||||
<?php echo get_media_items( $id, $errors ); ?>
|
<?php echo get_media_items( $id, $errors ); ?>
|
||||||
</div>
|
</div>
|
||||||
<input type="submit" class="button savebutton" name="save" value="<?php _e('Save all changes'); ?>" />
|
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
|
||||||
|
|
||||||
<?php elseif ( is_callable($callback) ) : ?>
|
<?php elseif ( is_callable($callback) ) : ?>
|
||||||
|
|
||||||
|
@ -886,7 +886,7 @@ jQuery(function($){
|
||||||
<?php echo call_user_func($callback); ?>
|
<?php echo call_user_func($callback); ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<input type="submit" class="button savebutton" name="save" value="<?php _e('Save all changes'); ?>" />
|
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
}
|
}
|
||||||
|
@ -919,11 +919,11 @@ jQuery(function($){
|
||||||
<div id="media-items">
|
<div id="media-items">
|
||||||
<?php echo get_media_items($post_id, $errors); ?>
|
<?php echo get_media_items($post_id, $errors); ?>
|
||||||
</div>
|
</div>
|
||||||
<input type="submit" class="button savebutton" name="save" value="<?php _e('Save all changes'); ?>" />
|
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
|
||||||
<input type="submit" class="button insert-gallery" name="insert-gallery" value="<?php _e('Insert gallery into post'); ?>" />
|
<input type="submit" class="button insert-gallery" name="insert-gallery" value="<?php echo attribute_escape( __( 'Insert gallery into post' ) ); ?>" />
|
||||||
<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
|
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
|
||||||
<input type="hidden" name="type" value="<?php echo $GLOBALS['type']; ?>" />
|
<input type="hidden" name="type" value="<?php echo attribute_escape( $GLOBALS['type'] ); ?>" />
|
||||||
<input type="hidden" name="tab" value="<?php echo $GLOBALS['tab']; ?>" />
|
<input type="hidden" name="tab" value="<?php echo attribute_escape( $GLOBALS['tab'] ); ?>" />
|
||||||
</form>
|
</form>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
@ -951,13 +951,13 @@ function media_upload_library_form($errors) {
|
||||||
|
|
||||||
<form id="filter" action="" method="get">
|
<form id="filter" action="" method="get">
|
||||||
<input type="hidden" name="type" value="<?php echo attribute_escape( $type ); ?>" />
|
<input type="hidden" name="type" value="<?php echo attribute_escape( $type ); ?>" />
|
||||||
<input type="hidden" name="tab" value="<?php echo $tab; ?>" />
|
<input type="hidden" name="tab" value="<?php echo attribute_escape( $tab ); ?>" />
|
||||||
<input type="hidden" name="post_id" value="<?php echo $post_id; ?>" />
|
<input type="hidden" name="post_id" value="<?php echo (int) $post_id; ?>" />
|
||||||
<input type="hidden" name="post_mime_type" value="<?php echo wp_specialchars($_GET['post_mime_type'], true); ?>" />
|
<input type="hidden" name="post_mime_type" value="<?php echo attribute_escape( $_GET['post_mime_type'] ); ?>" />
|
||||||
|
|
||||||
<div id="search-filter">
|
<div id="search-filter">
|
||||||
<input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
|
<input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
|
||||||
<input type="submit" value="<?php _e( 'Search Media' ); ?>" class="button" />
|
<input type="submit" value="<?php echo attribute_escape( __( 'Search Media' ) ); ?>" class="button" />
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
|
@ -1031,15 +1031,15 @@ foreach ($arc_result as $arc_row) {
|
||||||
else
|
else
|
||||||
$default = '';
|
$default = '';
|
||||||
|
|
||||||
echo "<option$default value='$arc_row->yyear$arc_row->mmonth'>";
|
echo "<option$default value='" . attribute_escape( $arc_row->yyear$arc_row->mmonth ) . "'>";
|
||||||
echo $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear";
|
echo wp_specialchars( $wp_locale->get_month($arc_row->mmonth) . " $arc_row->yyear" );
|
||||||
echo "</option>\n";
|
echo "</option>\n";
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
</select>
|
</select>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
|
|
||||||
<input type="submit" id="post-query-submit" value="<?php _e('Filter »'); ?>" class="button-secondary" />
|
<input type="submit" id="post-query-submit" value="<?php echo attribute_escape( __( 'Filter »' ) ); ?>" class="button-secondary" />
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -1067,8 +1067,8 @@ jQuery(function($){
|
||||||
<div id="media-items">
|
<div id="media-items">
|
||||||
<?php echo get_media_items(null, $errors); ?>
|
<?php echo get_media_items(null, $errors); ?>
|
||||||
</div>
|
</div>
|
||||||
<input type="submit" class="button savebutton" name="save" value="<?php _e('Save all changes'); ?>" />
|
<input type="submit" class="button savebutton" name="save" value="<?php echo attribute_escape( __( 'Save all changes' ) ); ?>" />
|
||||||
<input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />
|
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
|
||||||
</form>
|
</form>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
|
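Review bot: The new line in the archive-month loop, `attribute_escape( $arc_row->yyear$arc_row->mmonth )`, is not valid PHP — two variables juxtaposed outside a string literal is a parse error, so this hunk breaks media_upload_library_form (and the whole file) rather than hardening it. The concatenation needs an explicit operator, e.g. `echo "<option$default value='" . attribute_escape( $arc_row->yyear . $arc_row->mmonth ) . "'>";`. Separately, the same pass escapes `$GLOBALS['type']` and `$tab` in the hidden inputs but leaves `id="<?php echo $type; ?>-form"` on the form tag in media_upload_type_form unescaped; if that parameter can originate from the request, it should get the same `attribute_escape( $type )` treatment for consistency. The foreach over $arc_result that contains the broken line starts outside the hunk.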