WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

List tables: escape user e-mails 

Better safe than sorry.

Built from https://develop.svn.wordpress.org/trunk@34133


git-svn-id: http://core.svn.wordpress.org/trunk@34101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Nikolay Bachiyski 2015-09-14 22:33:25 +00:00
parent 1a01a9ab55
commit 097c4fd2f4
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/class-wp-ms-users-list-table.php
View File

@ -240,7 +240,7 @@ class WP_MS_Users_List_Table extends WP_List_Table {
* @param WP_User $user The current WP_User object.
*/
public function column_email( $user ) {
echo "<a href='mailto:$user->user_email'>$user->user_email</a>";
echo "<a href='" . esc_url( "mailto:$user->user_email" ) . "'>$user->user_email</a>";
}
/**

2
wp-admin/includes/class-wp-users-list-table.php
View File

@ -434,7 +434,7 @@ class WP_Users_List_Table extends WP_List_Table {
$r .= "$user_object->first_name $user_object->last_name";
break;
case 'email':
$r .= "<a href='mailto:$email'>$email</a>";
$r .= "<a href='" . esc_url( "mailto:$email" ) . "'>$email</a>";
break;
case 'role':
$r .= $role_name;

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.4-alpha-34132';
$wp_version = '4.4-alpha-34133';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.