Escape some permalinks. add_query_arg will &, not &, so we need to use esc_url those when used in an attribute. fixes #12126.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
3fc6562444
commit
f0a9c50f18
|
@ -36,32 +36,32 @@ $action = isset($action) ? $action : '';
|
|||
$messages = array();
|
||||
$messages['post'] = array(
|
||||
'',
|
||||
sprintf( __('Post updated. <a href="%s">View post</a>'), get_permalink($post_ID) ),
|
||||
sprintf( __('Post updated. <a href="%s">View post</a>'), esc_url( get_permalink($post_ID) ) ),
|
||||
__('Custom field updated.'),
|
||||
__('Custom field deleted.'),
|
||||
__('Post updated.'),
|
||||
/* translators: %s: date and time of the revision */
|
||||
isset($_GET['revision']) ? sprintf( __('Post restored to revision from %s'), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
|
||||
sprintf( __('Post published. <a href="%s">View post</a>'), get_permalink($post_ID) ),
|
||||
sprintf( __('Post published. <a href="%s">View post</a>'), esc_url( get_permalink($post_ID) ) ),
|
||||
__('Post saved.'),
|
||||
sprintf( __('Post submitted. <a target="_blank" href="%s">Preview post</a>'), add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ),
|
||||
sprintf( __('Post submitted. <a target="_blank" href="%s">Preview post</a>'), esc_url( add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ) ),
|
||||
sprintf( __('Post scheduled for: <strong>%1$s</strong>. <a target="_blank" href="%2$s">Preview post</a>'),
|
||||
// translators: Publish box date format, see http://php.net/date
|
||||
date_i18n( __( 'M j, Y @ G:i' ), strtotime( $post->post_date ) ), get_permalink($post_ID) ),
|
||||
sprintf( __('Post draft updated. <a target="_blank" href="%s">Preview post</a>'), add_query_arg( 'preview', 'true', get_permalink($post_ID) ) )
|
||||
date_i18n( __( 'M j, Y @ G:i' ), strtotime( $post->post_date ) ), esc_url( get_permalink($post_ID) ) ),
|
||||
sprintf( __('Post draft updated. <a target="_blank" href="%s">Preview post</a>'), esc_url( add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ) ),
|
||||
);
|
||||
$messages['page'] = array(
|
||||
'',
|
||||
sprintf( __('Page updated. <a href="%s">View page</a>'), get_permalink($post_ID) ),
|
||||
sprintf( __('Page updated. <a href="%s">View page</a>'), esc_url( get_permalink($post_ID) ) ),
|
||||
__('Custom field updated.'),
|
||||
__('Custom field deleted.'),
|
||||
__('Page updated.'),
|
||||
isset($_GET['revision']) ? sprintf( __('Page restored to revision from %s'), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
|
||||
sprintf( __('Page published. <a href="%s">View page</a>'), get_permalink($post_ID) ),
|
||||
sprintf( __('Page published. <a href="%s">View page</a>'), esc_url( get_permalink($post_ID) ) ),
|
||||
__('Page saved.'),
|
||||
sprintf( __('Page submitted. <a target="_blank" href="%s">Preview page</a>'), add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ),
|
||||
sprintf( __('Page scheduled for: <strong>%1$s</strong>. <a target="_blank" href="%2$s">Preview page</a>'), date_i18n( __( 'M j, Y @ G:i' ), strtotime( $post->post_date ) ), get_permalink($post_ID) ),
|
||||
sprintf( __('Page draft updated. <a target="_blank" href="%s">Preview page</a>'), add_query_arg( 'preview', 'true', get_permalink($post_ID) ) )
|
||||
sprintf( __('Page submitted. <a target="_blank" href="%s">Preview page</a>'), esc_url( add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ) ),
|
||||
sprintf( __('Page scheduled for: <strong>%1$s</strong>. <a target="_blank" href="%2$s">Preview page</a>'), date_i18n( __( 'M j, Y @ G:i' ), strtotime( $post->post_date ) ), esc_url( get_permalink($post_ID) ) ),
|
||||
sprintf( __('Page draft updated. <a target="_blank" href="%s">Preview page</a>'), esc_url( add_query_arg( 'preview', 'true', get_permalink($post_ID) ) ) ),
|
||||
);
|
||||
|
||||
$message = false;
|
||||
|
|
Loading…
Reference in New Issue