Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Tag textareas escaped earlier with textarea_escaped. see #15454.

git-svn-id: http://svn.automattic.com/wordpress/trunk@17141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  • Loading branch information...
commit 9009245db5cff4e1b1121d837805861b0a521b95 1 parent a0313cd
nacin authored
2  wp-admin/edit-tag-form.php
View
@@ -61,7 +61,7 @@
<?php endif; // is_taxonomy_hierarchical() ?>
<tr class="form-field">
<th scope="row" valign="top"><label for="description"><?php _ex('Description', 'Taxonomy Description'); ?></label></th>
- <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $tag->description; // already escaped ?></textarea><br />
+ <td><textarea name="description" id="description" rows="5" cols="50" style="width: 97%;"><?php echo $tag->description; // textarea_escaped ?></textarea><br />
<span class="description"><?php _e('The description is not prominent by default, however some themes may show it.'); ?></span></td>
</tr>
<?php
2  wp-admin/includes/media.php
View
@@ -1343,7 +1343,7 @@ function get_media_item( $attachment_id, $args = null ) {
if ( !empty( $field[ $field['input'] ] ) )
$item .= $field[ $field['input'] ];
elseif ( $field['input'] == 'textarea' ) {
- if ( user_can_richedit() ) { // already escaped when user_can_richedit() = false
+ if ( user_can_richedit() ) { // textarea_escaped when user_can_richedit() = false
$field['value'] = esc_textarea( $field['value'] );
}
$item .= "<textarea type='text' id='$name' name='$name' $aria_required>" . $field['value'] . '</textarea>';
6 wp-admin/includes/meta-boxes.php
View
@@ -288,7 +288,7 @@ function post_tags_meta_box($post, $box) {
<div class="jaxtag">
<div class="nojs-tags hide-if-js">
<p><?php echo $taxonomy->labels->add_or_remove_items; ?></p>
- <textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo get_terms_to_edit( $post->ID, $tax_name ); // escaped by esc_attr() ?></textarea></div>
+ <textarea name="<?php echo "tax_input[$tax_name]"; ?>" rows="3" cols="20" class="the-tags" id="tax-input-<?php echo $tax_name; ?>" <?php echo $disabled; ?>><?php echo get_terms_to_edit( $post->ID, $tax_name ); // textarea_escaped by esc_attr() ?></textarea></div>
<?php if ( current_user_can($taxonomy->cap->assign_terms) ) : ?>
<div class="ajaxtag hide-if-no-js">
<label class="screen-reader-text" for="new-tag-<?php echo $tax_name; ?>"><?php echo $box['title']; ?></label>
@@ -383,7 +383,7 @@ function post_categories_meta_box( $post, $box ) {
*/
function post_excerpt_meta_box($post) {
?>
-<label class="screen-reader-text" for="excerpt"><?php _e('Excerpt') ?></label><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt; ?></textarea>
+<label class="screen-reader-text" for="excerpt"><?php _e('Excerpt') ?></label><textarea rows="1" cols="40" name="excerpt" tabindex="6" id="excerpt"><?php echo $post->post_excerpt; // textarea_escaped ?></textarea>
<p><?php _e('Excerpts are optional hand-crafted summaries of your content that can be used in your theme. <a href="http://codex.wordpress.org/Excerpt" target="_blank">Learn more about manual excerpts.</a>'); ?></p>
<?php
}
@@ -886,7 +886,7 @@ function link_advanced_meta_box($link) {
</tr>
<tr class="form-field">
<th valign="top" scope="row"><label for="link_notes"><?php _e('Notes') ?></label></th>
- <td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : ''); // escaped ?></textarea></td>
+ <td><textarea name="link_notes" id="link_notes" cols="50" rows="10" style="width: 95%"><?php echo ( isset( $link->link_notes ) ? $link->link_notes : ''); // textarea_escaped ?></textarea></td>
</tr>
<tr class="form-field">
<th valign="top" scope="row"><label for="link_rating"><?php _e('Rating') ?></label></th>
2  wp-admin/user-edit.php
View
@@ -354,7 +354,7 @@ function use_ssl_preference($user) {
<table class="form-table">
<tr>
<th><label for="description"><?php _e('Biographical Info'); ?></label></th>
- <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description; // escaped ?></textarea><br />
+ <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description; // textarea_escaped ?></textarea><br />
<span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
</tr>
Please sign in to comment.
Something went wrong with that request. Please try again.