Skip to content
Permalink
Browse files

Admin: Escape attachment name in case it contains special characters

Built from https://develop.svn.wordpress.org/trunk@37774


git-svn-id: http://core.svn.wordpress.org/trunk@37739 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  • Loading branch information...
nb committed Jun 21, 2016
1 parent 2bdc117 commit 4372cdf45d0f49c74bbd4d60db7281de83e32648
Showing with 3 additions and 3 deletions.
  1. +1 −1 wp-admin/includes/class-wp-media-list-table.php
  2. +1 −1 wp-includes/post-template.php
  3. +1 −1 wp-includes/version.php
@@ -395,7 +395,7 @@ public function column_title( $post ) {
<span class="screen-reader-text"><?php _e( 'File name:' ); ?> </span>
<?php
$file = get_attached_file( $post->ID );
echo wp_basename( $file );
echo esc_html( wp_basename( $file ) );
?>
</p>
<?php
@@ -1475,7 +1475,7 @@ function wp_get_attachment_link( $id = 0, $size = 'thumbnail', $permalink = fals
* @param bool $icon Whether to include an icon. Default false.
* @param string|bool $text If string, will be link text. Default false.
*/
return apply_filters( 'wp_get_attachment_link', "<a href='$url'>$link_text</a>", $id, $size, $permalink, $icon, $text );
return apply_filters( 'wp_get_attachment_link', "<a href='" . esc_url( $url ) . "'>$link_text</a>", $id, $size, $permalink, $icon, $text );
}
/**
@@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.6-alpha-37756';
$wp_version = '4.6-alpha-37774';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

0 comments on commit 4372cdf

Please sign in to comment.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.