Backport js_escape()

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2006-05-18 01:10:57 +00:00
parent a5547588d7
commit 32e899d12b
4 changed files with 9 additions and 4 deletions

View File

@ -98,7 +98,7 @@ if ('view' == $mode) {
<p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A'); <p><?php _e('Posted'); echo ' '; comment_date('M j, g:i A');
if ( current_user_can('edit_post', $comment->comment_post_ID) ) { if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo " | <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>"; echo " | <a href=\"post.php?action=editcomment&amp;comment=".$comment->comment_ID."\">" . __('Edit Comment') . "</a>";
echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'delete-comment' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete Comment') . '</a> '; echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&amp;p=' . $post->ID . '&amp;comment=' . $comment->comment_ID, 'delete-comment' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "' );\">" . __('Delete Comment') . '</a> ';
} // end if any comments to show } // end if any comments to show
// Get post title // Get post title
if ( current_user_can('edit_post', $comment->comment_post_ID) ) { if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
@ -151,7 +151,7 @@ if ('view' == $mode) {
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo "<a href='post.php?action=editcomment&amp;comment=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td> echo "<a href='post.php?action=editcomment&amp;comment=$comment->comment_ID' class='edit'>" . __('Edit') . "</a>"; } ?></td>
<td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) { <td><?php if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
echo "<a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), wp_specialchars( $comment->comment_author, 1 )) . "')\" class='delete'>" . __('Delete') . "</a>"; } ?></td> echo "<a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return confirm('" . sprintf(__("You are about to delete this comment by \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), js_escape( $comment->comment_author)) . "')\" class='delete'>" . __('Delete') . "</a>"; } ?></td>
</tr> </tr>
<?php <?php
} // end foreach } // end foreach

View File

@ -210,7 +210,7 @@ foreach($posts_columns as $column_name=>$column_display_name) {
case 'control_delete': case 'control_delete':
?> ?>
<td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . sprintf(__("You are about to delete this post &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), addslashes(wp_specialchars(get_the_title(),'double')) ) . "' );\">" . __('Delete') . "</a>"; } ?></td> <td><?php if ( current_user_can('edit_post',$post->ID) ) { echo "<a href='" . wp_nonce_url("post.php?action=delete&amp;post=$id", 'delete-post' . $post->ID) . "' class='delete' onclick=\"return deleteSomething( 'post', " . $id . ", '" . sprintf(__("You are about to delete this post &quot;%s&quot;.\\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop."), js_escape(get_the_title())) . "' );\">" . __('Delete') . "</a>"; } ?></td>
<?php <?php
break; break;

View File

@ -151,7 +151,7 @@ $i = 0;
echo '<a href="post.php?action=editcomment&amp;comment='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';?> echo '<a href="post.php?action=editcomment&amp;comment='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';?>
<a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a> | <a href="<?php echo get_permalink($comment->comment_post_ID); ?>"><?php _e('View Post') ?></a> |
<?php <?php
echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), wp_specialchars($comment->comment_author, 1)) . "' );\">" . __('Delete just this comment') . "</a> | "; ?> <?php _e('Bulk action:') ?> echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_ecape($comment->comment_author)) . "' );\">" . __('Delete just this comment') . "</a> | "; ?> <?php _e('Bulk action:') ?>
<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-approve" value="approve" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-approve"><?php _e('Approve') ?></label> <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-approve" value="approve" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-approve"><?php _e('Approve') ?></label>
<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-spam" value="spam" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-spam"><?php _e('Spam') ?></label> <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-spam" value="spam" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-spam"><?php _e('Spam') ?></label>
<input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label> <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label>

View File

@ -1015,4 +1015,9 @@ function wp_richedit_pre($text) {
return apply_filters('richedit_pre', $output); return apply_filters('richedit_pre', $output);
} }
// Escape single quotes, specialchar double quotes, and fix line endings.
function js_escape($text) {
$text = wp_specialchars($text, 'double');
return preg_replace("/\r?\n/", "\\n", addslashes($text));
}
?> ?>