Add some filtering. Props jhodgdon. see #4516
git-svn-id: http://svn.automattic.com/wordpress/trunk@5998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
277e5aa914
commit
93840b1632
|
@ -286,7 +286,7 @@ if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
|
||||||
}
|
}
|
||||||
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
|
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by '%s'.\n'Cancel' to stop, 'OK' to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
|
||||||
}
|
}
|
||||||
$post = get_post($comment->comment_post_ID);
|
$post = get_post($comment->comment_post_ID, OBJECT, 'display');
|
||||||
$post_title = wp_specialchars( $post->post_title, 'double' );
|
$post_title = wp_specialchars( $post->post_title, 'double' );
|
||||||
$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
|
$post_title = ('' == $post_title) ? "# $comment->comment_post_ID" : $post_title;
|
||||||
?>
|
?>
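Review bot: The new `'display'` argument on `get_post()` has no comment saying what it does to the post fields, and the next line still escapes `$post->post_title` with `wp_specialchars( ..., 'double' )`, so a reader cannot tell which layer makes the title safe to print. What the display context applies is not visible in this hunk. Once confirmed, I would add a comment along the lines of `// 'display' filters the post fields for output; HTML escaping still happens in wp_specialchars() below`, and keep the explicit escape as the last step before the title is echoed. The enclosing loop starts and ends outside the hunk.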
|
||||||
|
|
|
@ -33,6 +33,7 @@ include('admin-header.php');
|
||||||
<?php
|
<?php
|
||||||
$categories = get_categories('get=all');
|
$categories = get_categories('get=all');
|
||||||
foreach ($categories as $category) :
|
foreach ($categories as $category) :
|
||||||
|
$category = sanitize_category($category);
|
||||||
if ($category->term_id == get_option('default_category')) $selected = " selected='selected'";
|
if ($category->term_id == get_option('default_category')) $selected = " selected='selected'";
|
||||||
else $selected = '';
|
else $selected = '';
|
||||||
echo "\n\t<option value='$category->term_id' $selected>$category->name</option>";
|
echo "\n\t<option value='$category->term_id' $selected>$category->name</option>";
|
||||||
|
@ -44,8 +45,9 @@ endforeach;
|
||||||
<th scope="row"><?php _e('Default link category:') ?></th>
|
<th scope="row"><?php _e('Default link category:') ?></th>
|
||||||
<td><select name="default_link_category" id="default_link_category">
|
<td><select name="default_link_category" id="default_link_category">
|
||||||
<?php
|
<?php
|
||||||
$categories = get_terms('link_category', 'get=all');
|
$link_categories = get_terms('link_category', 'get=all');
|
||||||
foreach ($categories as $category) :
|
foreach ($link_categories as $category) :
|
||||||
|
$category = sanitize_term($category, 'link_category');
|
||||||
if ($category->term_id == get_option('default_link_category')) $selected = " selected='selected'";
|
if ($category->term_id == get_option('default_link_category')) $selected = " selected='selected'";
|
||||||
else $selected = '';
|
else $selected = '';
|
||||||
echo "\n\t<option value='$category->term_id' $selected>$category->name</option>";
|
echo "\n\t<option value='$category->term_id' $selected>$category->name</option>";
|
||||||
|
@ -83,6 +85,7 @@ endforeach;
|
||||||
<?php
|
<?php
|
||||||
//Alreay have $categories from default_category
|
//Alreay have $categories from default_category
|
||||||
foreach ($categories as $category) :
|
foreach ($categories as $category) :
|
||||||
|
$category = sanitize_category($category);
|
||||||
if ($category->cat_ID == get_option('default_email_category')) $selected = " selected='selected'";
|
if ($category->cat_ID == get_option('default_email_category')) $selected = " selected='selected'";
|
||||||
else $selected = '';
|
else $selected = '';
|
||||||
echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
|
echo "\n\t<option value='$category->cat_ID' $selected>$category->cat_name</option>";
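Review bot: The third loop (default mail category) prints `$category->cat_ID` and `$category->cat_name` after `sanitize_category()`, while the first loop prints `term_id` and `name`. Whether the sanitizer also covers the legacy `cat_*` properties is not visible on this page; if it only filters the term fields, the option label in the third loop is still echoed unfiltered. Using the same properties as the first loop removes the doubt: `if ($category->term_id == get_option('default_email_category')) ...` and `echo "\n\t<option value='$category->term_id' $selected>$category->name</option>";`. In all three loops the name lands in HTML element content, so it is also worth confirming that the default `'display'` context HTML-escapes it rather than only running filters.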
|
||||||
|
|
|
@ -117,6 +117,14 @@ function cat_is_ancestor_of($cat1, $cat2) {
|
||||||
return cat_is_ancestor_of($cat1, get_category($cat2->parent));
|
return cat_is_ancestor_of($cat1, get_category($cat2->parent));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function sanitize_category($category, $context = 'display') {
|
||||||
|
return sanitize_term($category, 'category', $context);
|
||||||
|
}
|
||||||
|
|
||||||
|
function sanitize_category_field($field, $value, $cat_id, $context) {
|
||||||
|
return sanitize_term_field($field, $value, $cat_id, 'category', $context);
|
||||||
|
}
|
||||||
|
|
||||||
// Tags
|
// Tags
|
||||||
|
|
||||||
function &get_tags($args = '') {
|
function &get_tags($args = '') {
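Review bot: `sanitize_category()` and `sanitize_category_field()` are added without a doc comment, and their signatures differ in a way a caller can trip over: the first defaults `$context` to `'display'`, the second requires it. A short docblock on each would be enough, naming the accepted `$context` values and stating that the function delegates to `sanitize_term()` or `sanitize_term_field()` with the taxonomy fixed to `'category'`. If the missing default on the field variant is not intentional, say so in the docblock or align it with `sanitize_category()`.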
|
||||||
|
|
|
@ -60,19 +60,7 @@ function wp_meta() {
|
||||||
|
|
||||||
|
|
||||||
function bloginfo($show='') {
|
function bloginfo($show='') {
|
||||||
$info = get_bloginfo($show);
|
echo get_bloginfo($show, 'display');
|
||||||
|
|
||||||
// Don't filter URL's.
|
|
||||||
if (strpos($show, 'url') === false &&
|
|
||||||
strpos($show, 'directory') === false &&
|
|
||||||
strpos($show, 'home') === false) {
|
|
||||||
$info = apply_filters('bloginfo', $info, $show);
|
|
||||||
$info = convert_chars($info);
|
|
||||||
} else {
|
|
||||||
$info = apply_filters('bloginfo_url', $info, $show);
|
|
||||||
}
|
|
||||||
|
|
||||||
echo $info;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -81,7 +69,7 @@ function bloginfo($show='') {
|
||||||
* without "// DEPRECATED" are the preferred and recommended ways
|
* without "// DEPRECATED" are the preferred and recommended ways
|
||||||
* to get the information.
|
* to get the information.
|
||||||
*/
|
*/
|
||||||
function get_bloginfo($show='') {
|
function get_bloginfo($show = '', $filter = 'raw') {
|
||||||
|
|
||||||
switch($show) {
|
switch($show) {
|
||||||
case 'url' :
|
case 'url' :
|
||||||
|
@ -153,6 +141,20 @@ function get_bloginfo($show='') {
|
||||||
$output = get_option('blogname');
|
$output = get_option('blogname');
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$url = true;
|
||||||
|
if (strpos($show, 'url') === false &&
|
||||||
|
strpos($show, 'directory') === false &&
|
||||||
|
strpos($show, 'home') === false)
|
||||||
|
$url = false;
|
||||||
|
|
||||||
|
if ( 'display' == $filter ) {
|
||||||
|
if ( $url )
|
||||||
|
$output = apply_filters('bloginfo_url', $output, $show);
|
||||||
|
else
|
||||||
|
$output = apply_filters('bloginfo', $output, $show);
|
||||||
|
}
|
||||||
|
|
||||||
return $output;
|
return $output;
|
||||||
}
|
}
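Review bot: The removed `bloginfo()` body ran `convert_chars()` on every non-URL value before echoing it, while the new `'display'` branch in `get_bloginfo()` only calls `apply_filters()`. That conversion is therefore gone unless it is registered on the `bloginfo` filter somewhere outside this page. If it is not, keep it in the non-URL branch: `$output = convert_chars(apply_filters('bloginfo', $output, $show));`. The new `$filter = 'raw'` default also deserves a docblock line stating that `'raw'` output is unfiltered and must be escaped by the caller before printing, since `'display'` itself only runs whatever is hooked. The `switch` in `get_bloginfo()` starts outside the hunk.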
|
||||||
|
|
||||||
|
|
12
wp-login.php
12
wp-login.php
|
@ -150,9 +150,9 @@ case 'retrievepassword' :
|
||||||
<?php if (get_option('users_can_register')) : ?>
|
<?php if (get_option('users_can_register')) : ?>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display' )); ?></a></li>
|
||||||
<?php else : ?>
|
<?php else : ?>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display' )); ?></a></li>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
</ul>
|
</ul>
|
||||||
|
@ -272,7 +272,7 @@ case 'register' :
|
||||||
<ul>
|
<ul>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
|
@ -365,13 +365,13 @@ default:
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php if ( in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
|
<?php if ( in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
|
||||||
<?php elseif (get_option('users_can_register')) : ?>
|
<?php elseif (get_option('users_can_register')) : ?>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
|
||||||
<?php else : ?>
|
<?php else : ?>
|
||||||
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title')); ?></a></li>
|
<li><a href="<?php bloginfo('url'); ?>/" title="<?php _e('Are you lost?') ?>"><?php printf(__('Back to %s'), get_bloginfo('title', 'display')); ?></a></li>
|
||||||
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
<li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
</ul>
|
</ul>
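Review bot: The blog title is still printed through `printf()` into link text without an explicit escape. Going by the `get_bloginfo()` section of this commit, the added `'display'` argument only runs the `bloginfo` filters, so whether the title is HTML-safe depends on what is hooked there. If no hooked filter escapes it, wrap the value at the output site in all six places, e.g. `printf(__('Back to %s'), wp_specialchars(get_bloginfo('title', 'display')));`. The spacing `'display' )` in the first hunk also differs from `'display')` in the other two.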
|
||||||
|
|