Add some filtering. Props jhodgdon. fixes #3595

git-svn-id: http://svn.automattic.com/wordpress/trunk@6160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2007-09-23 19:25:15 +00:00
parent e76e370638
commit 8d349aa85c
3 changed files with 7 additions and 7 deletions


@ -25,8 +25,8 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
if ( '' != $rel ) if ( '' != $rel )
$rel = ' rel="' . $rel . '"'; $rel = ' rel="' . $rel . '"';
$desc = attribute_escape(apply_filters('link_description', $bookmark->link_description)); $desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
$name = attribute_escape(apply_filters('link_title', $bookmark->link_name)); $name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
$title = $desc; $title = $desc;
if ( $show_updated ) if ( $show_updated )
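Review bot: The two rewritten assignments in _walk_bookmarks() read `$row->link_description`, `$row->link_name` and `$row->link_id`, while the lines they replace read from `$bookmark`; no `$row` is visible in this hunk, so if the loop variable is still `$bookmark`, both `$desc` and `$name` are built from an undefined variable and the title attribute and link text come out empty. The lines look copied from get_links(), where `$row` is the loop variable; here they should read `sanitize_bookmark_field('link_description', $bookmark->link_description, $bookmark->link_id, 'display')`, and likewise for `link_name`. The old code also ran the name through the `link_title` hook, which the new call no longer names, so a plugin filtering on `link_title` would presumably stop being applied; worth confirming that is intended. The function body starts and ends outside the hunk.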


@ -585,8 +585,8 @@ function get_links($category = -1,
if ( '' != $rel ) if ( '' != $rel )
$rel = ' rel="' . $rel . '"'; $rel = ' rel="' . $rel . '"';
$desc = attribute_escape($row->link_description); $desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
$name = attribute_escape($row->link_name); $name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
$title = $desc; $title = $desc;
if ( $show_updated ) if ( $show_updated )
@ -667,7 +667,7 @@ function get_links_list($order = 'name', $hide_if_empty = 'obsolete') {
// Handle each category. // Handle each category.
// Display the category name // Display the category name
echo ' <li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . $cat->name . "</h2>\n\t<ul>\n"; echo ' <li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . apply_filters('link_category', $cat->name ) . "</h2>\n\t<ul>\n";
// Call get_links() with all the appropriate params // Call get_links() with all the appropriate params
get_links($cat->term_id, '<li>', "</li>", "\n", true, 'name', false); get_links($cat->term_id, '<li>', "</li>", "\n", true, 'name', false);
@ -704,7 +704,7 @@ function links_popup_script($text = 'Links', $width=400, $height=400, $file='lin
function get_linkrating($link) { function get_linkrating($link) {
return apply_filters('link_rating', $link->link_rating); return sanitize_bookmark_field('link_rating', $link->link_rating, $link->link_id, 'display');
} }
/** function get_linkcatname() /** function get_linkcatname()
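Review bot: In get_links_list() the result of the new `apply_filters('link_category', $cat->name )` is echoed straight into the `<h2>` with no escaping, unlike the `$desc`/`$name` lines in get_links() in the same file, which still pass through `attribute_escape()`. Whatever is stored in the category name, and whatever a `link_category` callback returns, becomes markup on the page; unless the name is known to be sanitized upstream (not visible here), escape it for HTML output, e.g. `wp_specialchars( apply_filters('link_category', $cat->name ) )`. The `id="linkcat-' . $cat->term_id . '"` attribute on the same line is also unescaped, which is only safe if `term_id` is always an integer. The function body extends beyond the hunk.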


@ -17,7 +17,7 @@ if ((empty ($link_cat)) || ($link_cat == 'all') || ($link_cat == '0')) {
<!-- generator="wordpress/<?php bloginfo_rss('version') ?>" --> <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" -->
<opml version="1.0"> <opml version="1.0">
<head> <head>
<title>Links for <?php echo attribute_escape(get_bloginfo('name').$cat_name); ?></title> <title>Links for <?php echo attribute_escape(get_bloginfo('name', 'display').$cat_name); ?></title>
<dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated> <dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated>
</head> </head>
<body> <body>