
_a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650

git-svn-id: http://svn.automattic.com/wordpress/trunk@11204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
1 parent 1292413 commit 6c2ffddf31269957353b1ad56174802ac14832a3 markjaquith committed May 5, 2009
Showing with 703 additions and 703 deletions.
  1. +4 −4 wp-admin/admin-ajax.php
  2. +4 −4 wp-admin/categories.php
  3. +5 −5 wp-admin/comment.php
  4. +11 −11 wp-admin/custom-header.php
  5. +4 −4 wp-admin/edit-attachment-rows.php
  6. +4 −4 wp-admin/edit-category-form.php
  7. +24 −24 wp-admin/edit-comments.php
  8. +33 −33 wp-admin/edit-form-advanced.php
  9. +9 −9 wp-admin/edit-form-comment.php
  10. +4 −4 wp-admin/edit-link-categories.php
  11. +5 −5 wp-admin/edit-link-category-form.php
  12. +13 −13 wp-admin/edit-link-form.php
  13. +23 −23 wp-admin/edit-page-form.php
  14. +4 −4 wp-admin/edit-pages.php
  15. +5 −5 wp-admin/edit-tag-form.php
  16. +6 −6 wp-admin/edit-tags.php
  17. +8 −8 wp-admin/edit.php
  18. +2 −2 wp-admin/export.php
  19. +4 −4 wp-admin/import/blogger.php
  20. +2 −2 wp-admin/import/btt.php
  21. +6 −6 wp-admin/import/dotclear.php
  22. +1 −1 wp-admin/import/greymatter.php
  23. +4 −4 wp-admin/import/jkw.php
  24. +10 −10 wp-admin/import/livejournal.php
  25. +4 −4 wp-admin/import/mt.php
  26. +1 −1 wp-admin/import/opml.php
  27. +3 −3 wp-admin/import/stp.php
  28. +6 −6 wp-admin/import/textpattern.php
  29. +4 −4 wp-admin/import/utw.php
  30. +3 −3 wp-admin/import/wordpress.php
  31. +5 −5 wp-admin/import/wp-cat2tag.php
  32. +1 −1 wp-admin/includes/bookmark.php
  33. +12 −12 wp-admin/includes/class-wp-upgrader.php
  34. +10 −10 wp-admin/includes/dashboard.php
  35. +6 −6 wp-admin/includes/file.php
  36. +1 −1 wp-admin/includes/manifest.php
  37. +42 −42 wp-admin/includes/media.php
  38. +9 −9 wp-admin/includes/plugin-install.php
  39. +1 −1 wp-admin/includes/plugin.php
  40. +1 −1 wp-admin/includes/taxonomy.php
  41. +42 −42 wp-admin/includes/template.php
  42. +9 −9 wp-admin/includes/theme-install.php
  43. +9 −9 wp-admin/includes/user.php
  44. +8 −8 wp-admin/includes/widgets.php
  45. +3 −3 wp-admin/install.php
  46. +8 −8 wp-admin/link-manager.php
  47. +1 −1 wp-admin/load-scripts.php
  48. +1 −1 wp-admin/load-styles.php
  49. +1 −1 wp-admin/media-upload.php
  50. +3 −3 wp-admin/media.php
  51. +1 −1 wp-admin/menu.php
  52. +8 −8 wp-admin/options-discussion.php
  53. +7 −7 wp-admin/options-general.php
  54. +1 −1 wp-admin/options-media.php
  55. +3 −3 wp-admin/options-misc.php
  56. +7 −7 wp-admin/options-permalink.php
  57. +1 −1 wp-admin/options-privacy.php
  58. +1 −1 wp-admin/options-reading.php
  59. +1 −1 wp-admin/options-writing.php
  60. +3 −3 wp-admin/options.php
  61. +10 −10 wp-admin/plugin-editor.php
  62. +10 −10 wp-admin/plugins.php
  63. +15 −15 wp-admin/press-this.php
  64. +5 −5 wp-admin/sidebar.php
  65. +8 −8 wp-admin/theme-editor.php
  66. +3 −3 wp-admin/themes.php
  67. +1 −1 wp-admin/tools.php
  68. +5 −5 wp-admin/update-core.php
  69. +10 −10 wp-admin/upload.php
  70. +13 −13 wp-admin/user-edit.php
  71. +6 −6 wp-admin/user-new.php
  72. +11 −11 wp-admin/users.php
  73. +6 −6 wp-admin/widgets.php
  74. +6 −6 wp-app.php
  75. +6 −6 wp-content/themes/classic/comments-popup.php
  76. +4 −4 wp-content/themes/classic/comments.php
  77. +1 −1 wp-content/themes/classic/sidebar.php
  78. +4 −4 wp-content/themes/default/comments-popup.php
  79. +3 −3 wp-content/themes/default/comments.php
  80. +26 −26 wp-content/themes/default/functions.php
  81. +2 −2 wp-includes/author-template.php
  82. +2 −2 wp-includes/bookmark-template.php
  83. +2 −2 wp-includes/bookmark.php
  84. +1 −1 wp-includes/category-template.php
  85. +2 −2 wp-includes/class.wp-styles.php
  86. +3 −3 wp-includes/classes.php
  87. +1 −1 wp-includes/comment-template.php
  88. +2 −2 wp-includes/comment.php
  89. +20 −20 wp-includes/default-widgets.php
  90. +2 −2 wp-includes/deprecated.php
  91. +2 −2 wp-includes/feed-atom-comments.php
  92. +1 −1 wp-includes/feed-rss2-comments.php
  93. +1 −1 wp-includes/feed.php
  94. +4 −4 wp-includes/formatting.php
  95. +4 −4 wp-includes/functions.php
  96. +12 −12 wp-includes/general-template.php
  97. +3 −3 wp-includes/kses.php
  98. +8 −8 wp-includes/l10n.php
  99. +9 −9 wp-includes/link-template.php
  100. +3 −3 wp-includes/media.php
  101. +1 −1 wp-includes/pluggable.php
  102. +10 −10 wp-includes/post-template.php
  103. +2 −2 wp-includes/post.php
  104. +1 −1 wp-includes/rss.php
  105. +9 −9 wp-includes/script-loader.php
  106. +3 −3 wp-includes/taxonomy.php
  107. +1 −1 wp-includes/theme.php
  108. +3 −3 wp-includes/update.php
  109. +4 −4 wp-links-opml.php
  110. +10 −10 wp-login.php
@@ -426,7 +426,7 @@ function _wp_ajax_delete_comment_response( $comment_id ) {
$x->add( array(
'what' => 'link-category',
'id' => $cat_id,
- 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='" . attr($cat_id) . "' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
+ 'data' => "<li id='link-category-$cat_id'><label for='in-link-category-$cat_id' class='selectit'><input value='" . esc_attr($cat_id) . "' type='checkbox' checked='checked' name='link_category[]' id='in-link-category-$cat_id'/> $cat_name</label></li>",
'position' => -1
) );
}
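Review bot: In the `'data'` string only the `value` attribute goes through `esc_attr()`, while `$cat_id` is interpolated raw into three `id`/`for` attributes and `$cat_name` is interpolated raw as the label text. The hunk does not show whether either variable is cast or escaped earlier in the function; if not, this AJAX response carries unescaped markup into the admin page. Casting the id once (`$cat_id = (int) $cat_id;`) and escaping the label at the point of output with `wp_specialchars( $cat_name )` would make the line safe regardless of what precedes it. The enclosing function starts and ends outside the hunk.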
@@ -474,7 +474,7 @@ function _wp_ajax_delete_comment_response( $comment_id ) {
$cat_full_name = $_cat->name . ' &#8212; ' . $cat_full_name;
$level++;
}
- $cat_full_name = attr($cat_full_name);
+ $cat_full_name = esc_attr($cat_full_name);
$x = new WP_Ajax_Response( array(
'what' => 'cat',
@@ -552,7 +552,7 @@ function _wp_ajax_delete_comment_response( $comment_id ) {
die('0');
$tag_full_name = $tag->name;
- $tag_full_name = attr($tag_full_name);
+ $tag_full_name = esc_attr($tag_full_name);
$x = new WP_Ajax_Response( array(
'what' => 'tag',
@@ -1214,7 +1214,7 @@ function _wp_ajax_delete_comment_response( $comment_id ) {
$time = mysql2date(__('Y/m/d'), $post->post_date);
}
- $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="' . attr($post->ID) . '"></td>';
+ $html .= '<tr class="found-posts"><td class="found-radio"><input type="radio" id="found-'.$post->ID.'" name="found_post_id" value="' . esc_attr($post->ID) . '"></td>';
$html .= '<td><label for="found-'.$post->ID.'">'.wp_specialchars($post->post_title, true).'</label></td><td>'.wp_specialchars($time, true).'</td><td>'.wp_specialchars($stat, true).'</td></tr>'."\n\n";
}
$html .= '</tbody></table>';
@@ -144,7 +144,7 @@
<p class="search-box">
<label class="invisible" for="category-search-input"><?php _e('Search Categories'); ?>:</label>
<input type="text" id="category-search-input" name="s" value="<?php _admin_search_query(); ?>" />
- <input type="submit" value="<?php _ea( 'Search Categories' ); ?>" class="button" />
+ <input type="submit" value="<?php esc_attr_e( 'Search Categories' ); ?>" class="button" />
</p>
</form>
<br class="clear" />
@@ -189,7 +189,7 @@
<option value="" selected="selected"><?php _e('Bulk Actions'); ?></option>
<option value="delete"><?php _e('Delete'); ?></option>
</select>
-<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
+<input type="submit" value="<?php esc_attr_e('Apply'); ?>" name="doaction" id="doaction" class="button-secondary action" />
<?php wp_nonce_field('bulk-categories'); ?>
</div>
@@ -229,7 +229,7 @@
<option value="" selected="selected"><?php _e('Bulk Actions'); ?></option>
<option value="delete"><?php _e('Delete'); ?></option>
</select>
-<input type="submit" value="<?php _ea('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
+<input type="submit" value="<?php esc_attr_e('Apply'); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
<?php wp_nonce_field('bulk-categories'); ?>
</div>
@@ -283,7 +283,7 @@
<p><?php _e('The description is not prominent by default, however some themes may show it.'); ?></p>
</div>
-<p class="submit"><input type="submit" class="button" name="submit" value="<?php _ea('Add Category'); ?>" /></p>
+<p class="submit"><input type="submit" class="button" name="submit" value="<?php esc_attr_e('Add Category'); ?>" /></p>
<?php do_action('edit_category_form', $category); ?>
</form></div>
@@ -90,18 +90,18 @@ function comment_footer_die( $msg ) { //
<table width="100%">
<tr>
-<td><input type='button' class="button" value='<?php _ea('No'); ?>' onclick="self.location='<?php echo admin_url('edit-comments.php'); ?>" /></td>
-<td class="textright"><input type='submit' class="button" value='<?php echo attr($button); ?>' /></td>
+<td><input type='button' class="button" value='<?php esc_attr_e('No'); ?>' onclick="self.location='<?php echo admin_url('edit-comments.php'); ?>" /></td>
+<td class="textright"><input type='submit' class="button" value='<?php echo esc_attr($button); ?>' /></td>
</tr>
</table>
<?php wp_nonce_field( $nonce_action ); ?>
-<input type='hidden' name='action' value='<?php echo attr($formaction); ?>' />
+<input type='hidden' name='action' value='<?php echo esc_attr($formaction); ?>' />
<?php if ( 'spam' == $_GET['dt'] ) { ?>
<input type='hidden' name='dt' value='spam' />
<?php } ?>
-<input type='hidden' name='p' value='<?php echo attr($comment->comment_post_ID); ?>' />
-<input type='hidden' name='c' value='<?php echo attr($comment->comment_ID); ?>' />
+<input type='hidden' name='p' value='<?php echo esc_attr($comment->comment_post_ID); ?>' />
+<input type='hidden' name='c' value='<?php echo esc_attr($comment->comment_ID); ?>' />
<input type='hidden' name='noredir' value='1' />
</form>
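Review bot: The `onclick` on the 'No' button is still malformed after the rename: `self.location='<?php echo admin_url('edit-comments.php'); ?>"` opens a single-quoted JavaScript string and never closes it before the attribute's closing double quote, so the handler is a syntax error and the button cannot navigate. The URL is also echoed without escaping for the JavaScript-in-attribute context. Something like `onclick="self.location='<?php echo js_escape( admin_url('edit-comments.php') ); ?>';"` would address both. Separately, the context line `'spam' == $_GET['dt']` reads the query parameter without checking that it is set.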
@@ -284,10 +284,10 @@ function step_1() {
</div>
<?php if ( !defined( 'NO_HEADER_TEXT' ) ) { ?>
<form method="post" action="<?php echo admin_url('themes.php?page=custom-header&amp;updated=true') ?>">
-<input type="button" class="button" value="<?php _ea('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
-<input type="button" class="button" value="<?php _ea('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php _ea('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
+<input type="button" class="button" value="<?php esc_attr_e('Hide Text'); ?>" onclick="hide_text()" id="hidetext" />
+<input type="button" class="button" value="<?php esc_attr_e('Select a Text Color'); ?>" id="pickcolor" /><input type="button" class="button" value="<?php esc_attr_e('Use Original Color'); ?>" onclick="colorDefault()" id="defaultcolor" />
<?php wp_nonce_field('custom-header') ?>
-<input type="hidden" name="textcolor" id="textcolor" value="#<?php attr(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php _ea('Save Changes'); ?>" /></form>
+<input type="hidden" name="textcolor" id="textcolor" value="#<?php esc_attr(header_textcolor()) ?>" /><input name="submit" type="submit" class="button" value="<?php esc_attr_e('Save Changes'); ?>" /></form>
<?php } ?>
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;display:none;"> </div>
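Review bot: The `textcolor` hidden field calls `esc_attr(header_textcolor())` with no `echo`, so the escaped return value is discarded; every other call in this hunk uses the echoing `esc_attr_e()` variant. If `header_textcolor()` prints the colour itself (which the absence of `echo` suggests), the value reaches the attribute unescaped and `esc_attr()` is applied to nothing. The fix is to escape a returned value and echo it, e.g. `value="#<?php echo esc_attr( get_header_textcolor() ); ?>"`. `step_1()` begins and ends outside the hunk.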
@@ -296,12 +296,12 @@ function step_1() {
<h2><?php _e('Upload New Header Image'); ?></h2><p><?php _e('Here you can upload a custom header image to be shown at the top of your blog instead of the default one. On the next screen you will be able to crop the image.'); ?></p>
<p><?php printf(__('Images of exactly <strong>%1$d x %2$d pixels</strong> will be used as-is.'), HEADER_IMAGE_WIDTH, HEADER_IMAGE_HEIGHT); ?></p>
-<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo attr(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
+<form enctype="multipart/form-data" id="uploadForm" method="POST" action="<?php echo esc_attr(add_query_arg('step', 2)) ?>" style="margin: auto; width: 50%;">
<label for="upload"><?php _e('Choose an image from your computer:'); ?></label><br /><input type="file" id="upload" name="import" />
<input type="hidden" name="action" value="save" />
<?php wp_nonce_field('custom-header') ?>
<p class="submit">
-<input type="submit" value="<?php _ea('Upload'); ?>" />
+<input type="submit" value="<?php esc_attr_e('Upload'); ?>" />
</p>
</form>
@@ -311,9 +311,9 @@ function step_1() {
<div class="wrap">
<h2><?php _e('Reset Header Image and Color'); ?></h2>
<p><?php _e('This will restore the original header image and color. You will not be able to retrieve any customizations.') ?></p>
-<form method="post" action="<?php echo attr(add_query_arg('step', 1)) ?>">
+<form method="post" action="<?php echo esc_attr(add_query_arg('step', 1)) ?>">
<?php wp_nonce_field('custom-header'); ?>
-<input type="submit" class="button" name="resetheader" value="<?php _ea('Restore Original Header'); ?>" />
+<input type="submit" class="button" name="resetheader" value="<?php esc_attr_e('Restore Original Header'); ?>" />
</form>
</div>
<?php endif;
@@ -372,7 +372,7 @@ function step_2() {
<div class="wrap">
-<form method="POST" action="<?php echo attr(add_query_arg('step', 3)) ?>">
+<form method="POST" action="<?php echo esc_attr(add_query_arg('step', 3)) ?>">
<p><?php _e('Choose the part of the image you want to use as your header.'); ?></p>
<div id="testWrap" style="position: relative">
@@ -386,10 +386,10 @@ function step_2() {
<input type="hidden" name="y2" id="y2" />
<input type="hidden" name="width" id="width" />
<input type="hidden" name="height" id="height" />
-<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo attr($id); ?>" />
-<input type="hidden" name="oitar" id="oitar" value="<?php echo attr($oitar); ?>" />
+<input type="hidden" name="attachment_id" id="attachment_id" value="<?php echo esc_attr($id); ?>" />
+<input type="hidden" name="oitar" id="oitar" value="<?php echo esc_attr($oitar); ?>" />
<?php wp_nonce_field('custom-header') ?>
-<input type="submit" value="<?php _ea('Crop Header'); ?>" />
+<input type="submit" value="<?php esc_attr_e('Crop Header'); ?>" />
</p>
</form>
@@ -62,7 +62,7 @@
if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) {
?>
- <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>">
+ <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo esc_attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>">
<?php echo $thumb; ?>
</a>
@@ -74,7 +74,7 @@
case 'media':
?>
- <td <?php echo $attributes ?>><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br />
+ <td <?php echo $attributes ?>><strong><a href="<?php echo get_edit_post_link( $post->ID ); ?>" title="<?php echo esc_attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php echo $att_title; ?></a></strong><br />
<?php echo strtoupper(preg_replace('/^.*?\.(\w+)$/', '$1', get_attached_file($post->ID))); ?>
<p>
<?php
@@ -83,7 +83,7 @@
$actions['edit'] = '<a href="' . get_edit_post_link($post->ID, true) . '">' . __('Edit') . '</a>';
if ( current_user_can('delete_post', $post->ID) )
$actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url("post.php?action=delete&amp;post=$post->ID", 'delete-post_' . $post->ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "</a>";
- $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . attr(sprintf(__('View &#8220;%s&#8221;'), $title)) . '" rel="permalink">' . __('View') . '</a>';
+ $actions['view'] = '<a href="' . get_permalink($post->ID) . '" title="' . esc_attr(sprintf(__('View &#8220;%s&#8221;'), $title)) . '" rel="permalink">' . __('View') . '</a>';
$action_count = count($actions);
$i = 0;
echo '<div class="row-actions">';
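Review bot: The 'view' action builds its tooltip from `$title`, whereas the edit links in the neighbouring hunks use `$att_title`, and nothing in this hunk defines `$title`. If it is not set in this scope the tooltip renders with an empty name, and if it is set elsewhere it may not have had the same treatment as `$att_title`. Consider `esc_attr(sprintf(__('View &#8220;%s&#8221;'), $att_title))` for consistency. The `href` on the same line concatenates `get_permalink($post->ID)` into the attribute unescaped, so it would be worth passing that through `esc_attr()` as well.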
@@ -182,7 +182,7 @@
case 'actions':
?>
<td <?php echo $attributes ?>>
- <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php _e('Edit'); ?></a> |
+ <a href="media.php?action=edit&amp;attachment_id=<?php the_ID(); ?>" title="<?php echo esc_attr(sprintf(__('Edit &#8220;%s&#8221;'), $att_title)); ?>"><?php _e('Edit'); ?></a> |
<a href="<?php the_permalink(); ?>"><?php _e('Get permalink'); ?></a>
</td>
<?php
@@ -44,17 +44,17 @@ function _fill_empty_category(&$category) {
<div id="ajax-response"></div>
<form name="editcat" id="editcat" method="post" action="categories.php" class="validate">
<input type="hidden" name="action" value="editedcat" />
-<input type="hidden" name="cat_ID" value="<?php echo attr($category->term_id) ?>" />
+<input type="hidden" name="cat_ID" value="<?php echo esc_attr($category->term_id) ?>" />
<?php wp_original_referer_field(true, 'previous'); wp_nonce_field('update-category_' . $cat_ID); ?>
<table class="form-table">
<tr class="form-field form-required">
<th scope="row" valign="top"><label for="cat_name"><?php _e('Category Name') ?></label></th>
- <td><input name="cat_name" id="cat_name" type="text" value="<?php echo attr($category->name); ?>" size="40" aria-required="true" /><br />
+ <td><input name="cat_name" id="cat_name" type="text" value="<?php echo esc_attr($category->name); ?>" size="40" aria-required="true" /><br />
<?php _e('The name is used to identify the category almost everywhere, for example under the post or in the category widget.'); ?></td>
</tr>
<tr class="form-field">
<th scope="row" valign="top"><label for="category_nicename"><?php _e('Category Slug') ?></label></th>
- <td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo attr(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br />
+ <td><input name="category_nicename" id="category_nicename" type="text" value="<?php echo esc_attr(apply_filters('editable_slug', $category->slug)); ?>" size="40" /><br />
<?php _e('The &#8220;slug&#8221; is the URL-friendly version of the name. It is usually all lowercase and contains only letters, numbers, and hyphens.'); ?></td>
</tr>
<tr class="form-field">
@@ -70,7 +70,7 @@ function _fill_empty_category(&$category) {
<?php _e('The description is not prominent by default, however some themes may show it.'); ?></td>
</tr>
</table>
-<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php _ea('Update Category'); ?>" /></p>
+<p class="submit"><input type="submit" class="button-primary" name="submit" value="<?php esc_attr_e('Update Category'); ?>" /></p>
<?php do_action('edit_category_form', $category); ?>
</form>
</div>