From 33b295b2b30feb5ba3c7ab5943063f8b1630685a Mon Sep 17 00:00:00 2001 From: markjaquith Date: Wed, 1 Aug 2007 20:58:38 +0000 Subject: [PATCH] More upload escaping. Props Brian Layman. fixes #4689 for 2.2.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.2@5838 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/upload-functions.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wp-admin/upload-functions.php b/wp-admin/upload-functions.php index 9f2d64964a..dc98a07cb6 100644 --- a/wp-admin/upload-functions.php +++ b/wp-admin/upload-functions.php @@ -107,7 +107,7 @@ function wp_upload_form() { $enctype = $id ? '' : ' enctype="multipart/form-data"'; $post_id = (int) $post_id; ?> - id="upload-file" method="post" action=""> + id="upload-file" method="post" action=""> " + . " " . __('Browse Files') . '' ); @@ -212,7 +212,7 @@ function wp_upload_tab_upload_action() { if ( isset($file['error']) ) wp_die($file['error'] . "
" . __('Back to Image Uploading') . '' + . "/wp-admin/upload.php?style=" . attribute_escape($style . "&tab=$from_tab&post_id=$post_id") . "'>" . __('Back to Image Uploading') . '' ); $url = $file['url']; @@ -259,7 +259,7 @@ function wp_upload_tab_upload_action() { if ( !current_user_can('edit_post', (int) $ID) ) wp_die( __('You are not allowed to delete this attachment.') - . " " + . " " . __('Go back') . '' );