Skip to content

Commit

Permalink
Merge pull request #223 from paulgibbs/master
Browse files Browse the repository at this point in the history 
Correctly escape string translations in form elements
  • Loading branch information
@milohuang
milohuang committed Nov 23, 2013
2 parents d442acb + 6fdfe54 commit 1086680
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions comments.php
View file
Expand Up @@ -6,7 +6,7 @@
<?php echo get_avatar($comment,$size='48'); ?>
<div class="author-meta">
<?php printf(__('<cite class="fn">%s</cite>', 'reverie'), get_comment_author_link()) ?>
<time datetime="<?php echo comment_date('c') ?>"><a href="<?php echo htmlspecialchars( get_comment_link( $comment->comment_ID ) ) ?>"><?php printf(__('%1$s', 'reverie'), get_comment_date(), get_comment_time()) ?></a></time>
<time datetime="<?php echo comment_date('c') ?>"><a href="<?php echo esc_url( get_comment_link( $comment->comment_ID ) ) ?>"><?php printf(__('%1$s', 'reverie'), get_comment_date(), get_comment_time()) ?></a></time>
<?php edit_comment_link(__('(Edit)', 'reverie'), '', '') ?>
</div>
</header>
Expand Down Expand Up @@ -94,7 +94,7 @@
<textarea name="comment" id="comment" tabindex="4"></textarea>
</p>
<p id="allowed_tags" class="small"><strong>XHTML:</strong> <?php _e('You can use these tags:','reverie'); ?> <code><?php echo allowed_tags(); ?></code></p>
<p><input name="submit" class="button" type="submit" id="submit" tabindex="5" value="<?php _e('Submit Comment', 'reverie'); ?>"></p>
<p><input name="submit" class="button" type="submit" id="submit" tabindex="5" value="<?php esc_attr_e('Submit Comment', 'reverie'); ?>"></p>
<?php comment_id_fields(); ?>
<?php do_action('comment_form', $post->ID); ?>
</form>
Expand Down
4 changes: 2 additions & 2 deletions searchform.php
View file
@@ -1,10 +1,10 @@
<form role="search" method="get" id="searchform" action="<?php echo home_url('/'); ?>">
<div class="row collapse">
<div class="small-8 columns">
<input type="text" value="" name="s" id="s" placeholder="<?php _e('Search', 'reverie'); ?>">
<input type="text" value="" name="s" id="s" placeholder="<?php esc_attr_e('Search', 'reverie'); ?>">
</div>
<div class="small-4 columns">
<input type="submit" id="searchsubmit" value="<?php _e('Search', 'reverie'); ?>" class="prefix button">
<input type="submit" id="searchsubmit" value="<?php esc_attr_e('Search', 'reverie'); ?>" class="prefix button">
</div>
</div>
</form>

0 comments on commit 1086680

Please sign in to comment.