Add id argument to wp_dropdown_users() and wp_dropdown_categories(). props johnbillion. Ensure we're escaping name and id in wp_dropdown_users(). fixes #12132

git-svn-id: http://svn.automattic.com/wordpress/trunk@13553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2010-03-02 18:36:49 +00:00
parent a17a92274b
commit dc764e91cd
2 changed files with 20 additions and 11 deletions

View File

@ -314,8 +314,9 @@ function category_description( $category = 0 ) {
* 'echo' (bool|int) default is 1 - Whether to display or retrieve content. * 'echo' (bool|int) default is 1 - Whether to display or retrieve content.
* 'depth' (int) - The max depth. * 'depth' (int) - The max depth.
* 'tab_index' (int) - Tab index for select element. * 'tab_index' (int) - Tab index for select element.
* 'name' (string) - The name attribute value for selected element. * 'name' (string) - The name attribute value for select element.
* 'class' (string) - The class attribute value for selected element. * 'id' (string) - The ID attribute value for select element. Defaults to name if omitted.
* 'class' (string) - The class attribute value for select element.
* 'selected' (int) - Which category ID is selected. * 'selected' (int) - Which category ID is selected.
* *
* The 'hierarchical' argument, which is disabled by default, will override the * The 'hierarchical' argument, which is disabled by default, will override the
@ -336,9 +337,10 @@ function wp_dropdown_categories( $args = '' ) {
'hide_empty' => 1, 'child_of' => 0, 'hide_empty' => 1, 'child_of' => 0,
'exclude' => '', 'echo' => 1, 'exclude' => '', 'echo' => 1,
'selected' => 0, 'hierarchical' => 0, 'selected' => 0, 'hierarchical' => 0,
'name' => 'cat', 'class' => 'postform', 'name' => 'cat', 'id' => '',
'depth' => 0, 'tab_index' => 0, 'class' => 'postform', 'depth' => 0,
'taxonomy' => 'category', 'hide_if_empty' => false 'tab_index' => 0, 'taxonomy' => 'category',
'hide_if_empty' => false
); );
$defaults['selected'] = ( is_category() ) ? get_query_var( 'cat' ) : 0; $defaults['selected'] = ( is_category() ) ? get_query_var( 'cat' ) : 0;
@ -357,11 +359,12 @@ function wp_dropdown_categories( $args = '' ) {
$tab_index_attribute = " tabindex=\"$tab_index\""; $tab_index_attribute = " tabindex=\"$tab_index\"";
$categories = get_terms( $taxonomy, $r ); $categories = get_terms( $taxonomy, $r );
$name = esc_attr($name); $name = esc_attr( $name );
$class = esc_attr($class); $class = esc_attr( $class );
$id = $id ? esc_attr( $id ) : $name;
if ( ! $r['hide_if_empty'] || ! empty($categories) ) if ( ! $r['hide_if_empty'] || ! empty($categories) )
$output = "<select name='$name' id='$name' class='$class' $tab_index_attribute>\n"; $output = "<select name='$name' id='$id' class='$class' $tab_index_attribute>\n";
else else
$output = ''; $output = '';

View File

@ -403,11 +403,12 @@ function setup_userdata($for_user_id = '') {
* <li>order - Default is 'ASC'. Can also be 'DESC'.</li> * <li>order - Default is 'ASC'. Can also be 'DESC'.</li>
* <li>include - User IDs to include.</li> * <li>include - User IDs to include.</li>
* <li>exclude - User IDs to exclude.</li> * <li>exclude - User IDs to exclude.</li>
* <li>multi - Default is 'false'. Whether to skip the ID attribute on the 'select' element.</li> * <li>multi - Default is 'false'. Whether to skip the ID attribute on the 'select' element. A 'true' value is overridden when id argument is set.</li>
* <li>show - Default is 'display_name'. User table column to display. If the selected item is empty then the user_login will be displayed in parentesis</li> * <li>show - Default is 'display_name'. User table column to display. If the selected item is empty then the user_login will be displayed in parentesis</li>
* <li>echo - Default is '1'. Whether to display or retrieve content.</li> * <li>echo - Default is '1'. Whether to display or retrieve content.</li>
* <li>selected - Which User ID is selected.</li> * <li>selected - Which User ID is selected.</li>
* <li>name - Default is 'user'. Name attribute of select element.</li> * <li>name - Default is 'user'. Name attribute of select element.</li>
* <li>id - Default is the value of the 'name' parameter. ID attribute of select element.</li>
* <li>class - Class attribute of select element.</li> * <li>class - Class attribute of select element.</li>
* <li>blog_id - ID of blog (Multisite only). Defaults to ID of current blog.</li> * <li>blog_id - ID of blog (Multisite only). Defaults to ID of current blog.</li>
* </ol> * </ol>
@ -426,6 +427,7 @@ function wp_dropdown_users( $args = '' ) {
'include' => '', 'exclude' => '', 'multi' => 0, 'include' => '', 'exclude' => '', 'multi' => 0,
'show' => 'display_name', 'echo' => 1, 'show' => 'display_name', 'echo' => 1,
'selected' => 0, 'name' => 'user', 'class' => '', 'blog_id' => $GLOBALS['blog_id'], 'selected' => 0, 'name' => 'user', 'class' => '', 'blog_id' => $GLOBALS['blog_id'],
'id' => '',
); );
$defaults['selected'] = is_author() ? get_query_var( 'author' ) : 0; $defaults['selected'] = is_author() ? get_query_var( 'author' ) : 0;
@ -459,9 +461,13 @@ function wp_dropdown_users( $args = '' ) {
$output = ''; $output = '';
if ( !empty($users) ) { if ( !empty($users) ) {
$id = $multi ? "" : "id='$name'"; $name = esc_attr( $name );
if ( $multi && ! $id )
$id = '';
else
$id = $id ? " id='" . esc_attr( $id ) . "'" : "id='$name'";
$output = "<select name='$name' $id class='$class'>\n"; $output = "<select name='{$name}'{$id} class='$class'>\n";
if ( $show_option_all ) if ( $show_option_all )
$output .= "\t<option value='0'>$show_option_all</option>\n"; $output .= "\t<option value='0'>$show_option_all</option>\n";