Tag textareas escaped earlier with textarea_escaped. see #15454.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
a0313cde8c
commit
9009245db5
|
@ -61,7 +61,7 @@ do_action($taxonomy . '_pre_edit_form', $tag, $taxonomy); ?>
|
||||||
<?php endif; // is_taxonomy_hierarchical() ?>
|
<?php endif; // is_taxonomy_hierarchical() ?>
|
||||||
<tr class="form-field">
|
<tr class="form-field">
|
||||||
<th scope="row" valign="top"><label for="description"><?php _ex('Description', 'Taxonomy Description'); ?></label></th>
|
<th scope="row" valign="top"><label for="description"><?php _ex('Description', 'Taxonomy Description'); ?></label></th>
|
||||||
<td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $tag->description; // already escaped ?></textarea><br />
|
<td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $tag->description; // textarea_escaped ?></textarea><br />
|
||||||
<span class="description"><?php _e('The description is not prominent by default, however some themes may show it.'); ?></span></td>
|
<span class="description"><?php _e('The description is not prominent by default, however some themes may show it.'); ?></span></td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
|
|
|
@ -1343,7 +1343,7 @@ function get_media_item( $attachment_id, $args = null ) {
|
||||||
if ( !empty( $field[ $field['input'] ] ) )
|
if ( !empty( $field[ $field['input'] ] ) )
|
||||||
$item .= $field[ $field['input'] ];
|
$item .= $field[ $field['input'] ];
|
||||||
elseif ( $field['input'] == 'textarea' ) {
|
elseif ( $field['input'] == 'textarea' ) {
|
||||||
if ( user_can_richedit() ) { // already escaped when user_can_richedit() = false
|
if ( user_can_richedit() ) { // textarea_escaped when user_can_richedit() = false
|
||||||
$field['value'] = esc_textarea( $field['value'] );
|
$field['value'] = esc_textarea( $field['value'] );
|
||||||
}
|
}
|
||||||
$item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . $field['value'] . '</textarea>';
|
$item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . $field['value'] . '</textarea>';
|
||||||
|
|
|
@ -288,7 +288,7 @@ function post_tags_meta_box($post, $box) {
|
||||||
<div class="jaxtag">
|
<div class="jaxtag">
|
||||||
<div class="nojs-tags hide-if-js">
|
<div class="nojs-tags hide-if-js">
|
||||||
<p><?php echo $taxonomy->labels->add_or_remove_items; ?></p>
|
<p><?php echo $taxonomy->labels->add_or_remove_items; ?></p>
|
||||||
<textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo get_terms_to_edit( $post->ID, $tax_name ); // escaped by esc_attr() ?></textarea></div>
|
<textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo get_terms_to_edit( $post->ID, $tax_name ); // textarea_escaped by esc_attr() ?></textarea></div>
|
||||||
<?php if ( current_user_can($taxonomy->cap->assign_terms) ) : ?>
|
<?php if ( current_user_can($taxonomy->cap->assign_terms) ) : ?>
|
||||||
<div class="ajaxtag hide-if-no-js">
|
<div class="ajaxtag hide-if-no-js">
|
||||||
<label class="screen-reader-text" for="new-tag-<?php echo $tax_name; ?>"><?php echo $box['title']; ?></label>
|
<label class="screen-reader-text" for="new-tag-<?php echo $tax_name; ?>"><?php echo $box['title']; ?></label>
|
||||||
|
@ -383,7 +383,7 @@ function post_categories_meta_box( $post, $box ) {
|
||||||
*/
|
*/
|
||||||
function post_excerpt_meta_box($post) {
|
function post_excerpt_meta_box($post) {
|
||||||
?>
|
?>
|
||||||
<label class="screen-reader-text" for="excerpt"><?php _e('Excerpt') ?></label><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt; ?></textarea>
|
<label class="screen-reader-text" for="excerpt"><?php _e('Excerpt') ?></label><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt; // textarea_escaped ?></textarea>
|
||||||
<p><?php _e('Excerpts are optional hand-crafted summaries of your content that can be used in your theme. <a href="http://codex.wordpress.org/Excerpt" target="_blank">Learn more about manual excerpts.</a>'); ?></p>
|
<p><?php _e('Excerpts are optional hand-crafted summaries of your content that can be used in your theme. <a href="http://codex.wordpress.org/Excerpt" target="_blank">Learn more about manual excerpts.</a>'); ?></p>
|
||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
@ -886,7 +886,7 @@ function link_advanced_meta_box($link) {
|
||||||
</tr>
|
</tr>
|
||||||
<tr class="form-field">
|
<tr class="form-field">
|
||||||
<th valign="top" scope="row"><label for="link_notes"><?php _e('Notes') ?></label></th>
|
<th valign="top" scope="row"><label for="link_notes"><?php _e('Notes') ?></label></th>
|
||||||
<td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : ''); // escaped ?></textarea></td>
|
<td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : ''); // textarea_escaped ?></textarea></td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr class="form-field">
|
<tr class="form-field">
|
||||||
<th valign="top" scope="row"><label for="link_rating"><?php _e('Rating') ?></label></th>
|
<th valign="top" scope="row"><label for="link_rating"><?php _e('Rating') ?></label></th>
|
||||||
|
|
|
@ -354,7 +354,7 @@ if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_c
|
||||||
<table class="form-table">
|
<table class="form-table">
|
||||||
<tr>
|
<tr>
|
||||||
<th><label for="description"><?php _e('Biographical Info'); ?></label></th>
|
<th><label for="description"><?php _e('Biographical Info'); ?></label></th>
|
||||||
<td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description; // escaped ?></textarea><br />
|
<td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description; // textarea_escaped ?></textarea><br />
|
||||||
<span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
|
<span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue