No need to backslash escape single quotes and line breaks when using js_escape()
git-svn-id: http://svn.automattic.com/wordpress/trunk@4655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
d99f7eaf96
commit
deb53f7027
|
@ -156,12 +156,12 @@ $start = " start='$offset'";
|
|||
<?php
|
||||
if ( current_user_can('edit_post', $comment->comment_post_ID) ) {
|
||||
echo " <a href='comment.php?action=editcomment&c=".$comment->comment_ID."'>" . __('Edit') . '</a>';
|
||||
echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
|
||||
echo ' | <a href="' . wp_nonce_url('comment.php?action=deletecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . '" onclick="return deleteSomething( \'comment\', ' . $comment->comment_ID . ', \'' . js_escape(sprintf(__("You are about to delete this comment by "%s".\n"Cancel" to stop, "OK" to delete."), $comment->comment_author)) . "', theCommentList );\">" . __('Delete') . '</a> ';
|
||||
if ( ('none' != $comment_status) && ( current_user_can('moderate_comments') ) ) {
|
||||
echo '<span class="unapprove"> | <a href="' . wp_nonce_url('comment.php?action=unapprovecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'unapprove-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Unapprove') . '</a> </span>';
|
||||
echo '<span class="approve"> | <a href="' . wp_nonce_url('comment.php?action=approvecomment&p=' . $comment->comment_post_ID . '&c=' . $comment->comment_ID, 'approve-comment_' . $comment->comment_ID) . '" onclick="return dimSomething( \'comment\', ' . $comment->comment_ID . ', \'unapproved\', theCommentList );">' . __('Approve') . '</a> </span>';
|
||||
}
|
||||
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by "%s".\\n"Cancel" to stop, "OK" to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
|
||||
echo " | <a href=\"" . wp_nonce_url("comment.php?action=deletecomment&dt=spam&p=" . $comment->comment_post_ID . "&c=" . $comment->comment_ID, 'delete-comment_' . $comment->comment_ID) . "\" onclick=\"return deleteSomething( 'comment-as-spam', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to mark as spam this comment by "%s".\n"Cancel" to stop, "OK" to mark as spam."), $comment->comment_author)) . "', theCommentList );\">" . __('Spam') . "</a> ";
|
||||
}
|
||||
$post = get_post($comment->comment_post_ID);
|
||||
$post_title = wp_specialchars( $post->post_title, 'double' );
|
||||
|
|
|
@ -188,7 +188,7 @@ list_meta($metadata);
|
|||
<?php if ('edit' == $action) :
|
||||
$delete_nonce = wp_create_nonce( 'delete-page_' . $post_ID );
|
||||
if ( current_user_can('delete_page', $post->ID) ) ?>
|
||||
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page \'%s\'\\n \'Cancel\' to stop, \'OK\' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
|
||||
<input name="deletepost" class="button delete" type="submit" id="deletepost" tabindex="10" value="<?php _e('Delete this page') ?>" <?php echo "onclick=\"if ( confirm('" . js_escape(sprintf(__("You are about to delete this page '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { document.forms.post._wpnonce.value = '$delete_nonce'; return true;}return false;\""; ?> />
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
|
||||
|
|
|
@ -135,7 +135,7 @@ $i = 0;
|
|||
<?php comment_text() ?>
|
||||
<p><?php comment_date('M j, g:i A'); ?> — [ <?php
|
||||
echo '<a href="comment.php?action=editcomment&c='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';
|
||||
echo " <a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by "%s".\\n"Cancel" to stop, "OK" to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
|
||||
echo " <a href=\"post.php?action=deletecomment&p=".$comment->comment_post_ID."&comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by "%s".\n"Cancel" to stop, "OK" to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
|
||||
<?php
|
||||
$post = get_post($comment->comment_post_ID);
|
||||
$post_title = wp_specialchars( $post->post_title, 'double' );
|
||||
|
|
Loading…
Reference in New Issue