A little escaping paranoia, just to be safe. (Already sanitized, higher up). for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
f613349c98
commit
dff3130153
|
@ -270,16 +270,16 @@ function get_inline_data($post) {
|
|||
if ( ! current_user_can($post_type_object->cap->edit_post, $post->ID) )
|
||||
return;
|
||||
|
||||
$title = htmlspecialchars( trim( $post->post_title ), ENT_QUOTES );
|
||||
$title = esc_textarea( trim( $post->post_title ) );
|
||||
|
||||
echo '
|
||||
<div class="hidden" id="inline_' . $post->ID . '">
|
||||
<div class="post_title">' . $title . '</div>
|
||||
<div class="post_name">' . apply_filters('editable_slug', $post->post_name) . '</div>
|
||||
<div class="post_author">' . $post->post_author . '</div>
|
||||
<div class="comment_status">' . $post->comment_status . '</div>
|
||||
<div class="ping_status">' . $post->ping_status . '</div>
|
||||
<div class="_status">' . $post->post_status . '</div>
|
||||
<div class="comment_status">' . esc_html( $post->comment_status ) . '</div>
|
||||
<div class="ping_status">' . esc_html( $post->ping_status ) . '</div>
|
||||
<div class="_status">' . esc_html( $post->post_status ) . '</div>
|
||||
<div class="jj">' . mysql2date( 'd', $post->post_date, false ) . '</div>
|
||||
<div class="mm">' . mysql2date( 'm', $post->post_date, false ) . '</div>
|
||||
<div class="aa">' . mysql2date( 'Y', $post->post_date, false ) . '</div>
|
||||
|
|
Loading…
Reference in New Issue