golem
/
twentyGOLEM
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Attr escaping 

git-svn-id: http://svn.automattic.com/wordpress/trunk@11173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2009-05-04 17:54:08 +00:00
parent 6c74505f59
commit 12078bcb11
32 changed files with 128 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
wp-admin/import/blogger.php
View File

@ -51,7 +51,7 @@ class Blogger_Import {
$welcome = __('Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress blog.');
$prereqs = __('To use this importer, you must have a Google account and an upgraded (New, was Beta) blog hosted on blogspot.com or a custom domain (not FTP).');
$stepone = __('The first thing you need to do is tell Blogger to let WordPress access your account. You will be sent back here after providing authorization.');
$auth = __('Authorize');
$auth = _a('Authorize');
echo "
<div class='wrap'>
@ -214,6 +214,7 @@ class Blogger_Import {
$value = $continue;
else
$value = $authors;
$value = attr($value);
$blogtitle = js_escape( $blog['title'] );
$pdone = isset($blog['posts_done']) ? (int) $blog['posts_done'] : 0;
$cdone = isset($blog['comments_done']) ? (int) $blog['comments_done'] : 0;
@ -662,7 +663,7 @@ class Blogger_Import {
foreach ( $blog['authors'] as $i => $author )
$rows .= "<tr><td><label for='authors[$i]'>{$author[0]}</label></td><td><select name='authors[$i]' id='authors[$i]'>" . $this->get_user_options($author[1]) . "</select></td></tr>";
return "<div class='wrap'><h2>$heading</h2><h3>$blogtitle</h3><p>$directions</p><form action='index.php?import=blogger&amp;noheader=true&saveauthors=1' method='post'><input type='hidden' name='blog' value='$importing_blog' /><table cellpadding='5'><thead><td>$mapthis</td><td>$tothis</td></thead>$rows<tr><td></td><td class='submit'><input type='submit' class='button authorsubmit' value='$submit' /></td></tr></table></form></div>";
return "<div class='wrap'><h2>$heading</h2><h3>$blogtitle</h3><p>$directions</p><form action='index.php?import=blogger&amp;noheader=true&saveauthors=1' method='post'><input type='hidden' name='blog' value='" . attr($importing_blog) . "' /><table cellpadding='5'><thead><td>$mapthis</td><td>$tothis</td></thead>$rows<tr><td></td><td class='submit'><input type='submit' class='button authorsubmit' value='$submit' /></td></tr></table></form></div>";
}
function get_user_options($current) {
@ -831,7 +832,7 @@ class Blogger_Import {
if ( $saved && !isset($_GET['noheader']) ) {
$restart = __('Restart');
$message = __('We have saved some information about your Blogger account in your WordPress database. Clearing this information will allow you to start over. Restarting will not affect any posts you have already imported. If you attempt to re-import a blog, duplicate posts and comments will be skipped.');
$submit = __('Clear account information');
$submit = _a('Clear account information');
echo "<div class='wrap'><h2>$restart</h2><p>$message</p><form method='post' action='?import=blogger&amp;noheader=true'><p class='submit' style='text-align:left;'><input type='submit' class='button' value='$submit' name='restart' /></p></form></div>";
}
}

4
wp-admin/import/btt.php
View File

@ -35,7 +35,7 @@ class BunnyTags_Import {
echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
echo '<form action="admin.php?import=btt&amp;step=1" method="post">';
wp_nonce_field('import-btt');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Import Tags').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Import Tags').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -105,7 +105,7 @@ class BunnyTags_Import {
echo '<form action="admin.php?import=btt&amp;step='.($precheck? 2:3).'" method="post">';
wp_nonce_field('import-btt');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Next').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Next').'" /></p>';
echo '</form>';
echo '</div>';
}

12
wp-admin/import/dotclear.php
View File

@ -215,7 +215,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=1" method="post">';
wp_nonce_field('import-dotclear');
$this->db_form();
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attr(__('Import Categories')).'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Import Categories').'" /></p>';
echo '</form></div>';
}
@ -632,7 +632,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=2" method="post">';
wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Users')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Users'));
echo '</form>';
}
@ -645,7 +645,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=3" method="post">';
wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Posts')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Posts'));
echo '</form>';
}
@ -659,7 +659,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=4" method="post">';
wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Comments')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Comments'));
echo '</form>';
}
@ -671,7 +671,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=5" method="post">';
wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Links')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Links'));
echo '</form>';
}
@ -684,7 +684,7 @@ class Dotclear_Import {
echo '<form action="admin.php?import=dotclear&amp;step=6" method="post">';
wp_nonce_field('import-dotclear');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Finish')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Finish'));
echo '</form>';
}

2
wp-admin/import/greymatter.php
View File

@ -66,7 +66,7 @@ class GM_Import {
<?php _e("This importer will search for files 00000001.cgi to 000-whatever.cgi,<br />so you need to enter the number of the last GM post here.<br />(if you don't know that number, just log into your FTP and look it out<br />in the entries' folder)") ?></td>
</tr>
</table>
<p class="submit"><input type="submit" name="submit" class="button" value="<?php _e('Start Importing') ?>" /></p>
<p class="submit"><input type="submit" name="submit" class="button" value="<?php _ea('Start Importing') ?>" /></p>
</form>
<?php
$this->footer();

8
wp-admin/import/jkw.php
View File

@ -34,11 +34,11 @@ class JeromesKeyword_Import {
echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
echo '<form action="admin.php?import=jkw&amp;step=1" method="post">';
wp_nonce_field('import-jkw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Import Version 1.x').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Import Version 1.x').'" /></p>';
echo '</form>';
echo '<form action="admin.php?import=jkw&amp;step=3" method="post">';
wp_nonce_field('import-jkw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Import Version 2.0a').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Import Version 2.0a').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -120,7 +120,7 @@ class JeromesKeyword_Import {
echo '<form action="admin.php?import=jkw&amp;step='.($precheck? 2:6).'" method="post">';
wp_nonce_field('import-jkw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Next').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Next').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -153,7 +153,7 @@ class JeromesKeyword_Import {
}
echo '<form action="admin.php?import=jkw&amp;step='.($precheck? 4:5).'" method="post">';
wp_nonce_field('import-jkw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Next').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Next').'" /></p>';
echo '</form>';
echo '</div>';
}

12
wp-admin/import/livejournal.php
View File

@ -181,10 +181,10 @@ class LJ_API_Import {
<form action="admin.php?import=livejournal" method="post">
<?php wp_nonce_field( 'lj-api-import' ) ?>
<?php if ( get_option( 'ljapi_username' ) && get_option( 'ljapi_password' ) ) : ?>
<input type="hidden" name="step" value="<?php echo get_option( 'ljapi_step' ) ?>" />
<input type="hidden" name="step" value="<?php echo attr( get_option( 'ljapi_step' ) ) ?>" />
<p><?php _e( 'It looks like you attempted to import your LiveJournal posts previously and got interrupted.' ) ?></p>
<p class="submit">
<input type="submit" class="button-primary" value="<?php echo attr( __( 'Continue previous import' ) ) ?>" />
<input type="submit" class="button-primary" value="<?php _ea( 'Continue previous import' ) ?>" />
</p>
<p class="submitbox"><a href="<?php echo clean_url($_SERVER['PHP_SELF'] . '?import=livejournal&amp;step=-1&amp;_wpnonce=' . wp_create_nonce( 'lj-api-import' ) . '&amp;_wp_http_referer=' . attr( $_SERVER['REQUEST_URI'] )) ?>" class="deletion submitdelete"><?php _e( 'Cancel &amp; start a new import' ) ?></a></p>
<p>
@ -223,7 +223,7 @@ class LJ_API_Import {
<p><?php _e( "<strong>WARNING:</strong> This can take a really long time if you have a lot of entries in your LiveJournal, or a lot of comments. Ideally, you should only start this process if you can leave your computer alone while it finishes the import." ) ?></p>
<p class="submit">
<input type="submit" class="button-primary" value="<?php echo attr( __( 'Connect to LiveJournal and Import' ) ) ?>" />
<input type="submit" class="button-primary" value="<?php _ea( 'Connect to LiveJournal and Import' ) ?>" />
</p>
<p><?php _e( '<strong>NOTE:</strong> If the import process is interrupted for <em>any</em> reason, come back to this page and it will continue from where it stopped automatically.' ) ?></p>
@ -816,7 +816,7 @@ class LJ_API_Import {
<form action="admin.php?import=livejournal" method="post" id="ljapi-auto-repost">
<?php wp_nonce_field( 'lj-api-import' ) ?>
<input type="hidden" name="step" id="step" value="1" />
<p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
<p><input type="submit" class="button-primary" value="<?php _ea( 'Import the next batch' ) ?>" /> <span id="auto-message"></span></p>
</form>
<?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
<?php
@ -866,7 +866,7 @@ class LJ_API_Import {
<p><strong><?php printf( __( 'Imported comment batch %d of <strong>approximately</strong> %d' ), get_option( 'ljapi_comment_batch' ), $batch ) ?></strong></p>
<?php wp_nonce_field( 'lj-api-import' ) ?>
<input type="hidden" name="step" id="step" value="2" />
<p><input type="submit" class="button-primary" value="<?php echo attr( __( 'Import the next batch' ) ) ?>" /> <span id="auto-message"></span></p>
<p><input type="submit" class="button-primary" value="<?php _ea( 'Import the next batch' ) ?>" /> <span id="auto-message"></span></p>
</form>
<?php $this->auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
<?php
@ -941,7 +941,7 @@ class LJ_API_Import {
$str = '<form action="admin.php?import=livejournal" method="post" id="' . $id . '">';
$str .= wp_nonce_field( 'lj-api-import', '_wpnonce', true, false );
$str .= wp_referer_field( false );
$str .= '<input type="hidden" name="step" id="step" value="' . $next_step . '" />';
$str .= '<input type="hidden" name="step" id="step" value="' . attr($next_step) . '" />';
$str .= '<p><input type="submit" class="button-primary" value="' . attr( $label ) . '" /> <span id="auto-message"></span></p>';
$str .= '</form>';

6
wp-admin/import/mt.php
View File

@ -46,7 +46,7 @@ class MT_Import {
<input type="hidden" name="upload_type" value="ftp" />
<?php _e('Or use <code>mt-export.txt</code> in your <code>/wp-content/</code> directory'); ?></p>
<p class="submit">
<input type="submit" class="button" value="<?php echo attr(__('Import mt-export.txt')); ?>" />
<input type="submit" class="button" value="<?php _ea('Import mt-export.txt'); ?>" />
</p>
</form>
<p><?php _e('The importer is smart enough not to import duplicates, so you can run this multiple times without worry if&#8212;for whatever reason&#8212;it doesn\'t finish. If you get an <strong>out of memory</strong> error try splitting up the import file into pieces.'); ?> </p>
@ -207,12 +207,12 @@ class MT_Import {
$j = -1;
foreach ($authors as $author) {
++ $j;
echo '<li><label>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user[]'.'" maxlength="30"> <br />');
echo '<li><label>'.__('Current author:').' <strong>'.$author.'</strong><br />'.sprintf(__('Create user %1$s or map to existing'), ' <input type="text" value="'. attr($author) .'" name="'.'user[]'.'" maxlength="30"> <br />');
$this->users_form($j);
echo '</label></li>';
}
echo '<p class="submit"><input type="submit" class="button" value="'.__('Submit').'"></p>'.'<br />';
echo '<p class="submit"><input type="submit" class="button" value="'._a('Submit').'"></p>'.'<br />';
echo '</form>';
echo '</ol></div>';

2
wp-admin/import/opml.php
View File

@ -64,7 +64,7 @@ foreach ($categories as $category) {
?>
</select></p>
<p class="submit"><input type="submit" name="submit" value="<?php _e('Import OPML File') ?>" /></p>
<p class="submit"><input type="submit" name="submit" value="<?php _ea('Import OPML File') ?>" /></p>
</form>
</div>

6
wp-admin/import/stp.php
View File

@ -33,7 +33,7 @@ class STP_Import {
echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
echo '<form action="admin.php?import=stp&amp;step=1" method="post">';
wp_nonce_field('import-stp');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 1').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 1').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -93,7 +93,7 @@ class STP_Import {
echo '<form action="admin.php?import=stp&amp;step=2" method="post">';
wp_nonce_field('import-stp');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 2').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 2').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -109,7 +109,7 @@ class STP_Import {
echo '<p>' . sprintf( _n('Done! <strong>%s</strong> tag was added!', 'Done! <strong>%s</strong> tags were added!', $tags_added), $tags_added ) . '<br /></p>';
echo '<form action="admin.php?import=stp&amp;step=3" method="post">';
wp_nonce_field('import-stp');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 3').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 3').'" /></p>';
echo '</form>';
echo '</div>';
}

12
wp-admin/import/textpattern.php
View File

@ -70,7 +70,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=1" method="post">';
wp_nonce_field('import-textpattern');
$this->db_form();
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.attr(__('Import')).'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Import').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -505,7 +505,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=2" method="post">';
wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Users')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Users'));
echo '</form>';
}
@ -518,7 +518,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=3" method="post">';
wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Posts')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Posts'));
echo '</form>';
}
@ -532,7 +532,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=4" method="post">';
wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Comments')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Comments'));
echo '</form>';
}
@ -544,7 +544,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=5" method="post">';
wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Import Links')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Import Links'));
echo '</form>';
}
@ -557,7 +557,7 @@ class Textpattern_Import {
echo '<form action="admin.php?import=textpattern&amp;step=6" method="post">';
wp_nonce_field('import-textpattern');
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', attr(__('Finish')));
printf('<p class="submit"><input type="submit" name="submit" class="button" value="%s" /></p>', _a('Finish'));
echo '</form>';
}

8
wp-admin/import/utw.php
View File

@ -33,7 +33,7 @@ class UTW_Import {
echo '<p>'.__('To accommodate larger databases for those tag-crazy authors out there, we have made this into an easy 5-step program to help you kick that nasty UTW habit. Just keep clicking along and we will let you know when you are in the clear!').'</p>';
echo '<p><strong>'.__('Don&#8217;t be stupid - backup your database before proceeding!').'</strong></p>';
echo '<form action="admin.php?import=utw&amp;step=1" method="post">';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 1').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 1').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -120,7 +120,7 @@ class UTW_Import {
echo '<form action="admin.php?import=utw&amp;step=2" method="post">';
wp_nonce_field('import-utw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 2').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 2').'" /></p>';
echo '</form>';
echo '</div>';
}
@ -156,7 +156,7 @@ class UTW_Import {
echo '<form action="admin.php?import=utw&amp;step=3" method="post">';
wp_nonce_field('import-utw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 3').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 3').'" /></p>';
echo '</form>';
echo '</div>';
@ -175,7 +175,7 @@ class UTW_Import {
echo '<form action="admin.php?import=utw&amp;step=4" method="post">';
wp_nonce_field('import-utw');
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'.__('Step 4').'" /></p>';
echo '<p class="submit"><input type="submit" name="submit" class="button" value="'._a('Step 4').'" /></p>';
echo '</form>';
echo '</div>';

6
wp-admin/import/wordpress.php
View File

@ -233,7 +233,7 @@ class WP_Import {
}
echo '<p class="submit">';
echo '<input type="submit" class="button" value="'.attr( __('Submit') ).'" />'.'<br />';
echo '<input type="submit" class="button" value="'. _a('Submit') .'" />'.'<br />';
echo '</p>';
echo '</form>';
@ -242,14 +242,14 @@ class WP_Import {
function users_form($n, $author) {
if ( $this->allow_create_users() ) {
printf('<label>'.__('Create user %1$s or map to existing'), ' <input type="text" value="'.$author.'" name="'.'user_create['.intval($n).']'.'" maxlength="30" /></label> <br />');
printf('<label>'.__('Create user %1$s or map to existing'), ' <input type="text" value="'. attr($author) .'" name="'.'user_create['.intval($n).']'.'" maxlength="30" /></label> <br />');
}
else {
echo __('Map to existing').'<br />';
}
// keep track of $n => $author name
echo '<input type="hidden" name="author_in['.intval($n).']" value="'.htmlspecialchars($author).'" />';
echo '<input type="hidden" name="author_in['.intval($n).']" value="'.attr($author).'" />';
$users = get_users_of_blog();
?><select name="user_select[<?php echo $n; ?>]">

8
wp-admin/import/wp-cat2tag.php
View File

@ -103,7 +103,7 @@ function check_all_rows() {
</script>
<form name="catlist" id="catlist" action="admin.php?import=wp-cat2tag&amp;step=2" method="post">
<p><input type="button" class="button-secondary" value="<?php _e('Check All'); ?>" onclick="this.value=check_all_rows()" />
<p><input type="button" class="button-secondary" value="<?php _ea('Check All'); ?>" onclick="this.value=check_all_rows()" />
<?php wp_nonce_field('import-cat2tag'); ?></p>
<ul style="list-style:none">
@ -128,7 +128,7 @@ function check_all_rows() {
<?php if ( ! empty($this->hybrids_ids) )
echo '<p><a name="note"></a>' . __('* This category is also a tag. Converting it will add that tag to all posts that are currently in the category.') . '</p>'; ?>
<p class="submit"><input type="submit" name="submit" class="button" value="<?php _e('Convert Categories to Tags'); ?>" /></p>
<p class="submit"><input type="submit" name="submit" class="button" value="<?php _ea('Convert Categories to Tags'); ?>" /></p>
</form>
<?php }
@ -179,7 +179,7 @@ function check_all_tagrows() {
</script>
<form name="taglist" id="taglist" action="admin.php?import=wp-cat2tag&amp;step=4" method="post">
<p><input type="button" class="button-secondary" value="<?php _e('Check All'); ?>" onclick="this.value=check_all_tagrows()" />
<p><input type="button" class="button-secondary" value="<?php _ea('Check All'); ?>" onclick="this.value=check_all_tagrows()" />
<?php wp_nonce_field('import-cat2tag'); ?></p>
<ul style="list-style:none">
@ -192,7 +192,7 @@ function check_all_tagrows() {
<?php if ( ! empty($this->hybrids_ids) )
echo '<p><a name="note"></a>' . __('* This tag is also a category. When converted, all posts associated with the tag will also be in the category.') . '</p>'; ?>
<p class="submit"><input type="submit" name="submit_tags" class="button" value="<?php _e('Convert Tags to Categories'); ?>" /></p>
<p class="submit"><input type="submit" name="submit_tags" class="button" value="<?php _ea('Convert Tags to Categories'); ?>" /></p>
</form>
<?php }

10
wp-admin/includes/dashboard.php
View File

@ -132,7 +132,7 @@ function wp_add_dashboard_widget( $widget_id, $widget_name, $callback, $control_
function _wp_dashboard_control_callback( $dashboard, $meta_box ) {
echo '<form action="" method="post" class="dashboard-widget-control-form">';
wp_dashboard_trigger_widget_control( $meta_box['id'] );
echo "<p class='submit'><input type='hidden' name='widget_id' value='$meta_box[id]' /><input type='submit' value='" . __( 'Submit' ) . "' /></p>";
echo "<p class='submit'><input type='hidden' name='widget_id' value='" . attr($meta_box['id']) . "' /><input type='submit' value='" . _a( 'Submit' ) . "' /></p>";
echo '</form>';
}
@ -413,12 +413,12 @@ function wp_dashboard_quick_press() {
<input type="hidden" name="action" id="quickpost-action" value="post-quickpress-save" />
<input type="hidden" name="quickpress_post_ID" value="<?php echo (int) $post->ID; ?>" />
<?php wp_nonce_field('add-post'); ?>
<input type="submit" name="save" id="save-post" class="button" tabindex="4" value="<?php _e('Save Draft'); ?>" />
<input type="reset" value="<?php _e( 'Reset' ); ?>" class="button" />
<input type="submit" name="save" id="save-post" class="button" tabindex="4" value="<?php _ea('Save Draft'); ?>" />
<input type="reset" value="<?php _ea( 'Reset' ); ?>" class="button" />
<?php if ( current_user_can('publish_posts') ) { ?>
<input type="submit" name="publish" id="publish" accesskey="p" tabindex="5" class="button-primary" value="<?php _e('Publish'); ?>" />
<input type="submit" name="publish" id="publish" accesskey="p" tabindex="5" class="button-primary" value="<?php _ea('Publish'); ?>" />
<?php } else { ?>
<input type="submit" name="publish" id="publish" accesskey="p" tabindex="5" class="button-primary" value="<?php _e('Submit for Review'); ?>" />
<input type="submit" name="publish" id="publish" accesskey="p" tabindex="5" class="button-primary" value="<?php _ea('Submit for Review'); ?>" />
<?php } ?>
<br class="clear" />
</p>

2
wp-admin/includes/file.php
View File

@ -773,7 +773,7 @@ jQuery(function($){
<input type="hidden" name="locale" value="<?php echo attr($_POST['locale']) ?>" />
<?php endif; ?>
<p class="submit">
<input id="upgrade" name="upgrade" type="submit" class="button" value="<?php _e('Proceed'); ?>" />
<input id="upgrade" name="upgrade" type="submit" class="button" value="<?php _ea('Proceed'); ?>" />
</p>
</div>
</form>

24
wp-admin/includes/media.php
View File

@ -751,7 +751,7 @@ function image_align_input_fields($post, $checked='') {
$out = array();
foreach ($alignments as $name => $label) {
$name = attr($name);
$out[] = "<input type='radio' name='attachments[{$post->ID}][align]' id='image-align-{$name}-{$post->ID}' value='$name'".
( $checked == $name ? " checked='checked'" : "" ) .
" /><label for='image-align-{$name}-{$post->ID}' class='align image-align-{$name}-label'>" . $label . "</label>";
@ -1156,7 +1156,7 @@ function get_media_item( $attachment_id, $args = null ) {
$delete_href = wp_nonce_url("post.php?action=delete-post&amp;post=$attachment_id", 'delete-post_' . $attachment_id);
if ( $send )
$send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . attr( __( 'Insert into Post' ) ) . "' />";
$send = "<input type='submit' class='button' name='send[$attachment_id]' value='" . _a( 'Insert into Post' ) . "' />";
if ( $delete )
$delete = "<a href=\"#\" class=\"del-link\" onclick=\"document.getElementById('del_attachment_$attachment_id').style.display='block';return false;\">" . __('Delete') . "</a>";
if ( ( $send || $delete ) && !isset($form_fields['buttons']) )
@ -1413,7 +1413,7 @@ if ( $id ) {
}
?>
</div>
<input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<input type="submit" class="button savebutton" name="save" value="<?php _ea( 'Save all changes' ); ?>" />
<?php
}
@ -1586,7 +1586,7 @@ jQuery(function($){
</div>
<p class="ml-submit">
<input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<input type="submit" class="button savebutton" style="display:none;" name="save" id="save-all" value="<?php _ea( 'Save all changes' ); ?>" />
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
<input type="hidden" name="type" value="<?php echo attr( $GLOBALS['type'] ); ?>" />
<input type="hidden" name="tab" value="<?php echo attr( $GLOBALS['tab'] ); ?>" />
@ -1663,8 +1663,8 @@ jQuery(function($){
</tbody></table>
<p class="ml-submit">
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php echo attr( __( 'Insert gallery' ) ); ?>" />
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php echo attr( __( 'Update gallery settings' ) ); ?>" />
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="insert-gallery" id="insert-gallery" value="<?php _ea( 'Insert gallery' ); ?>" />
<input type="button" class="button" style="display:none;" onmousedown="wpgallery.update();" name="update-gallery" id="update-gallery" value="<?php _ea( 'Update gallery settings' ); ?>" />
</p>
</div>
</form>
@ -1708,7 +1708,7 @@ function media_upload_library_form($errors) {
<p id="media-search" class="search-box">
<label class="hidden" for="media-search-input"><?php _e('Search Media');?>:</label>
<input type="text" id="media-search-input" name="s" value="<?php the_search_query(); ?>" />
<input type="submit" value="<?php echo attr( __( 'Search Media' ) ); ?>" class="button" />
<input type="submit" value="<?php _ea( 'Search Media' ); ?>" class="button" />
</p>
<ul class="subsubsub">
@ -1825,7 +1825,7 @@ jQuery(function($){
<?php echo get_media_items(null, $errors); ?>
</div>
<p class="ml-submit">
<input type="submit" class="button savebutton" name="save" value="<?php echo attr( __( 'Save all changes' ) ); ?>" />
<input type="submit" class="button savebutton" name="save" value="<?php _ea( 'Save all changes' ); ?>" />
<input type="hidden" name="post_id" id="post_id" value="<?php echo (int) $post_id; ?>" />
</p>
</form>
@ -1907,7 +1907,7 @@ function type_url_form_image() {
<tr>
<td></td>
<td>
<input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . attr(__('Insert into Post')) . '" />
<input type="button" class="button" id="go_button" style="color:#bbb;" onclick="addExtImage.insert()" value="' . _a('Insert into Post') . '" />
</td>
</tr>
</tbody></table>
@ -1943,7 +1943,7 @@ function type_url_form_audio() {
<tr>
<td></td>
<td>
<input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
<input type="submit" class="button" name="insertonlybutton" value="' . _a('Insert into Post') . '" />
</td>
</tr>
</tbody></table>
@ -1978,7 +1978,7 @@ function type_url_form_video() {
<tr>
<td></td>
<td>
<input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
<input type="submit" class="button" name="insertonlybutton" value="' . _a('Insert into Post') . '" />
</td>
</tr>
</tbody></table>
@ -2013,7 +2013,7 @@ function type_url_form_file() {
<tr>
<td></td>
<td>
<input type="submit" class="button" name="insertonlybutton" value="' . attr(__('Insert into Post')) . '" />
<input type="submit" class="button" name="insertonlybutton" value="' . _a('Insert into Post') . '" />
</td>
</tr>
</tbody></table>

2
wp-admin/includes/plugin-install.php
View File

@ -213,7 +213,7 @@ function install_plugins_upload( $page = 1 ) {
<?php wp_nonce_field( 'plugin-upload') ?>
<label class="hidden" for="pluginzip"><?php _e('Plugin zip file'); ?></label>
<input type="file" id="pluginzip" name="pluginzip" />
<input type="submit" class="button" value="<?php _e('Install Now') ?>" />
<input type="submit" class="button" value="<?php _ea('Install Now') ?>" />
</form>
<?php
}

2
wp-admin/includes/plugin.php
View File

@ -1112,7 +1112,7 @@ function remove_option_whitelist( $del_options, $options = '' ) {
* @param string $option_group A settings group name. This should match the group name used in register_setting().
*/
function settings_fields($option_group) {
echo "<input type='hidden' name='option_page' value='$option_group' />";
echo "<input type='hidden' name='option_page' value='" . attr($option_group) . "' />";
echo '<input type="hidden" name="action" value="update" />';
wp_nonce_field("$option_group-options");
}

28
wp-admin/includes/template.php
View File

@ -2304,7 +2304,7 @@ function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single',
<input type="hidden" name="status" id="status" value="" />
<input type="hidden" name="position" id="position" value="<?php echo $position; ?>" />
<input type="hidden" name="checkbox" id="checkbox" value="<?php echo $checkbox ? 1 : 0; ?>" />
<input type="hidden" name="mode" id="mode" value="<?php echo $mode; ?>" />
<input type="hidden" name="mode" id="mode" value="<?php echo attr($mode); ?>" />
<?php wp_nonce_field( 'replyto-comment', '_ajax_nonce', false ); ?>
<?php wp_comment_form_unfiltered_html_nonce(); ?>
<?php if ( $table_row ) : ?>
@ -2436,8 +2436,8 @@ function _list_meta_row( $entry, &$count ) {
$r .= "\n\t\t<td class='left'><label class='hidden' for='meta[{$entry['meta_id']}][key]'>" . __( 'Key' ) . "</label><input name='meta[{$entry['meta_id']}][key]' id='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' />";
$r .= "\n\t\t<div class='submit'><input name='deletemeta[{$entry['meta_id']}]' type='submit' ";
$r .= "class='delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce deletemeta' tabindex='6' value='".attr(__( 'Delete' ))."' />";
$r .= "\n\t\t<input name='updatemeta' type='submit' tabindex='6' value='".attr(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$update_nonce updatemeta' /></div>";
$r .= "class='delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce deletemeta' tabindex='6' value='". _a( 'Delete' ) ."' />";
$r .= "\n\t\t<input name='updatemeta' type='submit' tabindex='6' value='". _a( 'Update' ) ."' class='add:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$update_nonce updatemeta' /></div>";
$r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false );
$r .= "</td>";
@ -2486,7 +2486,7 @@ function meta_form() {
foreach ( $keys as $key ) {
$key = attr( $key );
echo "\n<option value='$key'>$key</option>";
echo "\n<option value='" . attr($key) . "'>$key</option>";
}
?>
</select>
@ -2502,7 +2502,7 @@ function meta_form() {
</tr>
<tr><td colspan="2" class="submit">
<input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php _e( 'Add Custom Field' ) ?>" />
<input type="submit" id="addmetasub" name="addmeta" class="add:the-list:newmeta" tabindex="9" value="<?php _ea( 'Add Custom Field' ) ?>" />
<?php wp_nonce_field( 'add-meta', '_ajax_nonce', false ); ?>
</td></tr>
</tbody>
@ -2722,9 +2722,9 @@ function wp_dropdown_roles( $selected = false ) {
foreach( $editable_roles as $role => $details ) {
$name = translate_user_role($details['name'] );
if ( $selected == $role ) // Make default first in list
$p = "\n\t<option selected='selected' value='$role'>$name</option>";
$p = "\n\t<option selected='selected' value='" . attr($role) . "'>$name</option>";
else
$r .= "\n\t<option value='$role'>$name</option>";
$r .= "\n\t<option value='" . attr($role) . "'>$name</option>";
}
echo $p . $r;
}
@ -2804,7 +2804,7 @@ function wp_import_upload_form( $action ) {
<input type="hidden" name="max_file_size" value="<?php echo $bytes; ?>" />
</p>
<p class="submit">
<input type="submit" class="button" value="<?php _e( 'Upload file and import' ); ?>" />
<input type="submit" class="button" value="<?php _ea( 'Upload file and import' ); ?>" />
</p>
</form>
<?php
@ -3157,14 +3157,14 @@ function find_posts_div($found_action = '') {
<div class="find-box-inside">
<div class="find-box-search">
<?php if ( $found_action ) { ?>
<input type="hidden" name="found_action" value="<?php echo $found_action; ?>" />
<input type="hidden" name="found_action" value="<?php echo attr($found_action); ?>" />
<?php } ?>
<input type="hidden" name="affected" id="affected" value="" />
<?php wp_nonce_field( 'find-posts', '_ajax_nonce', false ); ?>
<label class="hidden" for="find-posts-input"><?php _e( 'Search' ); ?></label>
<input type="text" id="find-posts-input" name="ps" value="" />
<input type="button" onclick="findPosts.send();" value="<?php _e( 'Search' ); ?>" class="button" /><br />
<input type="button" onclick="findPosts.send();" value="<?php _ea( 'Search' ); ?>" class="button" /><br />
<input type="radio" name="find-posts-what" id="find-posts-posts" checked="checked" value="posts" />
<label for="find-posts-posts"><?php _e( 'Posts' ); ?></label>
@ -3174,8 +3174,8 @@ function find_posts_div($found_action = '') {
<div id="find-posts-response"></div>
</div>
<div class="find-box-buttons">
<input type="button" class="button alignleft" onclick="findPosts.close();" value="<?php _e('Close'); ?>" />
<input id="find-posts-submit" type="submit" class="button-primary alignright" value="<?php _e('Select'); ?>" />
<input type="button" class="button alignleft" onclick="findPosts.close();" value="<?php _ea('Close'); ?>" />
<input id="find-posts-submit" type="submit" class="button-primary alignright" value="<?php _ea('Select'); ?>" />
</div>
</div>
<?php
@ -3646,8 +3646,8 @@ function screen_options($screen) {
$return .= "<div class='screen-options'>\n";
if ( !empty($per_page_label) )
$return .= "<label for='$option'>$per_page_label</label> <input type='text' class='screen-per-page' name='wp_screen_options[value]' id='$option' maxlength='3' value='$per_page' />\n";
$return .= "<input type='submit' class='button' value='" . __('Apply') . "' />";
$return .= "<input type='hidden' name='wp_screen_options[option]' value='$option' />";
$return .= "<input type='submit' class='button' value='" . _a('Apply') . "' />";
$return .= "<input type='hidden' name='wp_screen_options[option]' value='" . attr($option) . "' />";
$return .= "</div>\n";
return $return;
}

6
wp-admin/includes/theme-install.php
View File

@ -159,7 +159,7 @@ function install_theme_search_form() {
<option value="tag" <?php selected('tag', $type) ?>><?php _e('Tag'); ?></option>
</select>
<input type="text" name="s" size="30" value="<?php echo attr($term) ?>" />
<input type="submit" name="search" value="<?php echo attr(__('Search')); ?>" class="button" />
<input type="submit" name="search" value="<?php _ea('Search'); ?>" class="button" />
</form>
<?php
}
@ -218,7 +218,7 @@ function install_themes_dashboard() {
</div>
<br class="clear" />
<input type="submit" name="search" value="<?php echo attr(__('Find Themes')); ?>" class="button" />
<input type="submit" name="search" value="<?php _ea('Find Themes'); ?>" class="button" />
</form>
<?php
}
@ -281,7 +281,7 @@ function install_themes_upload($page = 1) {
<?php wp_nonce_field( 'theme-upload') ?>
<input type="file" name="themezip" />
<input type="submit"
class="button" value="<?php _e('Install Now') ?>" />
class="button" value="<?php _ea('Install Now') ?>" />
</form>
<?php
}

16
wp-admin/includes/widgets.php
View File

@ -183,18 +183,18 @@ function wp_widget_control( $sidebar_args ) {
else
echo "\t\t<p>" . __('There are no options for this widget.') . "</p>\n"; ?>
<input type="hidden" name="widget-id" class="widget-id" value="<?php echo $id_format; ?>" />
<input type="hidden" name="id_base" class="id_base" value="<?php echo $id_base; ?>" />
<input type="hidden" name="widget-width" class="widget-width" value="<?php echo $control['width']; ?>" />
<input type="hidden" name="widget-height" class="widget-height" value="<?php echo $control['height']; ?>" />
<input type="hidden" name="widget_number" class="widget_number" value="<?php echo $widget_number; ?>" />
<input type="hidden" name="multi_number" class="multi_number" value="<?php echo $multi_number; ?>" />
<input type="hidden" name="add_new" class="add_new" value="<?php echo $add_new; ?>" />
<input type="hidden" name="widget-id" class="widget-id" value="<?php echo attr($id_format); ?>" />
<input type="hidden" name="id_base" class="id_base" value="<?php echo $attr(id_base); ?>" />
<input type="hidden" name="widget-width" class="widget-width" value="<?php echo attr($control['width']); ?>" />
<input type="hidden" name="widget-height" class="widget-height" value="<?php echo attr($control['height']); ?>" />
<input type="hidden" name="widget_number" class="widget_number" value="<?php echo attr($widget_number); ?>" />
<input type="hidden" name="multi_number" class="multi_number" value="<?php echo attr($multi_number); ?>" />
<input type="hidden" name="add_new" class="add_new" value="<?php echo attr($add_new); ?>" />
<div class="widget-control-actions">
<a class="button widget-control-remove alignleft" href="<?php echo $edit ? clean_url( add_query_arg( array( 'remove' => $id_format, 'key' => $key, '_wpnonce' => $nonce ) ) ) : '#remove'; ?>"><?php _e('Remove'); ?></a>
<?php if ( 'noform' !== $has_form ) { ?>
<input type="submit" name="savewidget" class="button-primary widget-control-save alignright" value="<?php _e('Save'); ?>" />
<input type="submit" name="savewidget" class="button-primary widget-control-save alignright" value="<?php _ea('Save'); ?>" />
<?php } ?>
<br class="clear" />
</div>

2
wp-admin/press-this.php
View File

@ -382,10 +382,12 @@ var ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>';
$content = '';
if ( preg_match("/youtube\.com\/watch/i", $url) ) {
list($domain, $video_id) = split("v=", $url);
$video_id = attr($video_id);
$content = '<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/' . $video_id . '"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/' . $video_id . '" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>';
} elseif ( preg_match("/vimeo\.com\/[0-9]+/i", $url) ) {
list($domain, $video_id) = split(".com/", $url);
$video_id = attr($video_id);
$content = '<object width="400" height="225"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&amp;server=www.vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1" /> <embed src="http://www.vimeo.com/moogaloop.swf?clip_id=' . $video_id . '&amp;server=www.vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=&amp;fullscreen=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="400" height="225"></embed></object>';
if ( trim($selection) == '' )

2
wp-admin/theme-editor.php
View File

@ -96,7 +96,7 @@ default:
$docs_select = '<select name="docs-list" id="docs-list">';
$docs_select .= '<option value="">' . _a( 'Function Name...' ) . '</option>';
foreach ( $functions as $function ) {
$docs_select .= '<option value="' . urlencode( $function ) . '">' . htmlspecialchars( $function ) . '()</option>';
$docs_select .= '<option value="' . attr( urlencode( $function ) ) . '">' . htmlspecialchars( $function ) . '()</option>';
}
$docs_select .= '</select>';
}

8
wp-content/themes/classic/comments-popup.php
View File

@ -67,17 +67,17 @@ if ( post_password_required($commentstatus) ) { // and it doesn't match the coo
<p><?php printf(__('Logged in as %s.'), '<a href="'.get_option('siteurl').'/wp-admin/profile.php">'.$user_identity.'</a>'); ?> <a href="<?php echo wp_logout_url(); ?>" title="<?php echo attr(__('Log out of this account')); ?>"><?php _e('Log out &raquo;'); ?></a></p>
<?php else : ?>
<p>
<input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
<input type="text" name="author" id="author" class="textarea" value="<?php echo attr($comment_author); ?>" size="28" tabindex="1" />
<label for="author"><?php _e("Name"); ?></label>
</p>
<p>
<input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="28" tabindex="2" />
<input type="text" name="email" id="email" value="<?php echo attr($comment_author_email); ?>" size="28" tabindex="2" />
<label for="email"><?php _e("E-mail"); ?></label>
</p>
<p>
<input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="28" tabindex="3" />
<input type="text" name="url" id="url" value="<?php echo attr($comment_author_url); ?>" size="28" tabindex="3" />
<label for="url"><?php _e("<abbr title=\"Universal Resource Locator\">URL</abbr>"); ?></label>
</p>
<?php endif; ?>
@ -91,7 +91,7 @@ if ( post_password_required($commentstatus) ) { // and it doesn't match the coo
<p>
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
<input type="hidden" name="redirect_to" value="<?php echo attr($_SERVER["REQUEST_URI"]); ?>" />
<input name="submit" type="submit" tabindex="5" value="<?php _e("Say It!"); ?>" />
<input name="submit" type="submit" tabindex="5" value="<?php _ea("Say It!"); ?>" />
</p>
<?php do_action('comment_form', $post->ID); ?>
</form>

8
wp-content/themes/classic/comments.php
View File

@ -53,13 +53,13 @@ if ( post_password_required() ) : ?>
<?php else : ?>
<p><input type="text" name="author" id="author" value="<?php echo $comment_author; ?>" size="22" tabindex="1" />
<p><input type="text" name="author" id="author" value="<?php echo attr($comment_author); ?>" size="22" tabindex="1" />
<label for="author"><small><?php _e('Name'); ?> <?php if ($req) _e('(required)'); ?></small></label></p>
<p><input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="22" tabindex="2" />
<p><input type="text" name="email" id="email" value="<?php echo attr($comment_author_email); ?>" size="22" tabindex="2" />
<label for="email"><small><?php _e('Mail (will not be published)');?> <?php if ($req) _e('(required)'); ?></small></label></p>
<p><input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="22" tabindex="3" />
<p><input type="text" name="url" id="url" value="<?php echo attr($comment_author_url); ?>" size="22" tabindex="3" />
<label for="url"><small><?php _e('Website'); ?></small></label></p>
<?php endif; ?>
@ -68,7 +68,7 @@ if ( post_password_required() ) : ?>
<p><textarea name="comment" id="comment" cols="100%" rows="10" tabindex="4"></textarea></p>
<p><input name="submit" type="submit" id="submit" tabindex="5" value="<?php echo attr(__('Submit Comment')); ?>" />
<p><input name="submit" type="submit" id="submit" tabindex="5" value="<?php _ea('Submit Comment'); ?>" />
<input type="hidden" name="comment_post_ID" value="<?php echo $id; ?>" />
</p>
<?php do_action('comment_form', $post->ID); ?>

2
wp-content/themes/classic/sidebar.php
View File

@ -18,7 +18,7 @@
<form id="searchform" method="get" action="<?php bloginfo('home'); ?>">
<div>
<input type="text" name="s" id="s" size="15" /><br />
<input type="submit" value="<?php _e('Search'); ?>" />
<input type="submit" value="<?php _ea('Search'); ?>" />
</div>
</form>
</li>

6
wp-content/themes/default/comments-popup.php
View File

@ -66,17 +66,17 @@ if ( post_password_required($post) ) { // and it doesn't match the cookie
<p>Logged in as <a href="<?php echo get_option('siteurl'); ?>/wp-admin/profile.php"><?php echo $user_identity; ?></a>. <a href="<?php echo wp_logout_url(get_permalink()); ?>" title="Log out of this account">Log out &raquo;</a></p>
<?php else : ?>
<p>
<input type="text" name="author" id="author" class="textarea" value="<?php echo $comment_author; ?>" size="28" tabindex="1" />
<input type="text" name="author" id="author" class="textarea" value="<?php echo attr($comment_author); ?>" size="28" tabindex="1" />
<label for="author">Name</label>
</p>
<p>
<input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="28" tabindex="2" />
<input type="text" name="email" id="email" value="<?php echo attr($comment_author_email); ?>" size="28" tabindex="2" />
<label for="email">E-mail</label>
</p>
<p>
<input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="28" tabindex="3" />
<input type="text" name="url" id="url" value="<?php echo attr($comment_author_url); ?>" size="28" tabindex="3" />
<label for="url"><abbr title="Universal Resource Locator">URL</abbr></label>
</p>
<?php endif; ?>

6
wp-content/themes/default/comments.php
View File

@ -68,13 +68,13 @@
<?php else : ?>
<p><input type="text" name="author" id="author" value="<?php echo $comment_author; ?>" size="22" tabindex="1" <?php if ($req) echo "aria-required='true'"; ?> />
<p><input type="text" name="author" id="author" value="<?php echo attr($comment_author); ?>" size="22" tabindex="1" <?php if ($req) echo "aria-required='true'"; ?> />
<label for="author"><small>Name <?php if ($req) echo "(required)"; ?></small></label></p>
<p><input type="text" name="email" id="email" value="<?php echo $comment_author_email; ?>" size="22" tabindex="2" <?php if ($req) echo "aria-required='true'"; ?> />
<p><input type="text" name="email" id="email" value="<?php echo attr($comment_author_email); ?>" size="22" tabindex="2" <?php if ($req) echo "aria-required='true'"; ?> />
<label for="email"><small>Mail (will not be published) <?php if ($req) echo "(required)"; ?></small></label></p>
<p><input type="text" name="url" id="url" value="<?php echo $comment_author_url; ?>" size="22" tabindex="3" />
<p><input type="text" name="url" id="url" value="<?php echo attr($comment_author_url); ?>" size="22" tabindex="3" />
<label for="url"><small>Website</small></label></p>
<?php endif; ?>

26
wp-content/themes/default/functions.php
View File

@ -166,7 +166,7 @@ function kubrick_theme_page_head() {
kUpdate(ColorPicker_targetInput.id);
}
function PopupWindow_populate(contents) {
contents += '<br /><p style="text-align:center;margin-top:0px;"><input type="button" class="button-secondary" value="<?php echo attr(__('Close Color Picker')); ?>" onclick="cp.hidePopup(\'prettyplease\')"></input></p>';
contents += '<br /><p style="text-align:center;margin-top:0px;"><input type="button" class="button-secondary" value="<?php _ea('Close Color Picker'); ?>" onclick="cp.hidePopup(\'prettyplease\')"></input></p>';
this.contents = contents;
this.populated = false;
}
@ -380,14 +380,14 @@ function kubrick_theme_page() {
<div id="nonJsForm">
<form method="post" action="">
<?php wp_nonce_field('kubrick-header'); ?>
<div class="zerosize"><input type="submit" name="defaultsubmit" value="<?php echo attr(__('Save')); ?>" /></div>
<div class="zerosize"><input type="submit" name="defaultsubmit" value="<?php _ea('Save'); ?>" /></div>
<label for="njfontcolor"><?php _e('Font Color:'); ?></label><input type="text" name="njfontcolor" id="njfontcolor" value="<?php echo attr(kubrick_header_color()); ?>" /> <?php printf(__('Any CSS color (%s or %s or %s)'), '<code>red</code>', '<code>#FF0000</code>', '<code>rgb(255, 0, 0)</code>'); ?><br />
<label for="njuppercolor"><?php _e('Upper Color:'); ?></label><input type="text" name="njuppercolor" id="njuppercolor" value="#<?php echo attr(kubrick_upper_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br />
<label for="njlowercolor"><?php _e('Lower Color:'); ?></label><input type="text" name="njlowercolor" id="njlowercolor" value="#<?php echo attr(kubrick_lower_color()); ?>" /> <?php printf(__('HEX only (%s or %s)'), '<code>#FF0000</code>', '<code>#F00</code>'); ?><br />
<input type="hidden" name="hi" id="hi" value="<?php echo attr(kubrick_header_image()); ?>" />
<input type="submit" name="toggledisplay" id="toggledisplay" value="<?php echo attr(__('Toggle Text')); ?>" />
<input type="submit" name="defaults" value="<?php echo attr(__('Use Defaults')); ?>" />
<input type="submit" class="defbutton" name="submitform" value="&nbsp;&nbsp;<?php _e('Save'); ?>&nbsp;&nbsp;" />
<input type="submit" name="toggledisplay" id="toggledisplay" value="<?php _ea('Toggle Text'); ?>" />
<input type="submit" name="defaults" value="<?php _ea('Use Defaults'); ?>" />
<input type="submit" class="defbutton" name="submitform" value="&nbsp;&nbsp;<?php _ea('Save'); ?>&nbsp;&nbsp;" />
<input type="hidden" name="action" value="save" />
<input type="hidden" name="njform" value="true" />
</form>
@ -395,18 +395,18 @@ function kubrick_theme_page() {
<div id="jsForm">
<form style="display:inline;" method="post" name="hicolor" id="hicolor" action="<?php echo attr($_SERVER['REQUEST_URI']); ?>">
<?php wp_nonce_field('kubrick-header'); ?>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="<?php echo attr(__('Font Color')); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('uppercolor');colorSelect(tgt,'pick2');return false;" name="pick2" id="pick2" value="<?php echo attr(__('Upper Color')); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('lowercolor');colorSelect(tgt,'pick3');return false;" name="pick3" id="pick3" value="<?php echo attr(__('Lower Color')); ?>"></input>
<input type="button" class="button-secondary" name="revert" value="<?php echo attr(__('Revert')); ?>" onclick="kRevert()" />
<input type="button" class="button-secondary" value="<?php echo attr(__('Advanced')); ?>" onclick="toggleAdvanced()" />
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('fontcolor');colorSelect(tgt,'pick1');return false;" name="pick1" id="pick1" value="<?php _ea('Font Color'); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('uppercolor');colorSelect(tgt,'pick2');return false;" name="pick2" id="pick2" value="<?php _ea('Upper Color'); ?>"></input>
<input type="button" class="button-secondary" onclick="tgt=document.getElementById('lowercolor');colorSelect(tgt,'pick3');return false;" name="pick3" id="pick3" value="<?php _ea('Lower Color'); ?>"></input>
<input type="button" class="button-secondary" name="revert" value="<?php _ea('Revert'); ?>" onclick="kRevert()" />
<input type="button" class="button-secondary" value="<?php _ea('Advanced'); ?>" onclick="toggleAdvanced()" />
<input type="hidden" name="action" value="save" />
<input type="hidden" name="fontdisplay" id="fontdisplay" value="<?php echo attr(kubrick_header_display()); ?>" />
<input type="hidden" name="fontcolor" id="fontcolor" value="<?php echo attr(kubrick_header_color()); ?>" />
<input type="hidden" name="uppercolor" id="uppercolor" value="<?php echo attr(kubrick_upper_color()); ?>" />
<input type="hidden" name="lowercolor" id="lowercolor" value="<?php echo attr(kubrick_lower_color()); ?>" />
<input type="hidden" name="headerimage" id="headerimage" value="<?php echo attr(kubrick_header_image()); ?>" />
<p class="submit"><input type="submit" name="submitform" class="button-primary" value="<?php echo attr(__('Update Header')); ?>" onclick="cp.hidePopup('prettyplease')" /></p>
<p class="submit"><input type="submit" name="submitform" class="button-primary" value="<?php _ea('Update Header'); ?>" onclick="cp.hidePopup('prettyplease')" /></p>
</form>
<div id="colorPickerDiv" style="z-index: 100;background:#eee;border:1px solid #ccc;position:absolute;visibility:hidden;"> </div>
<div id="advanced">
@ -415,8 +415,8 @@ function kubrick_theme_page() {
<label for="advfontcolor"><?php _e('Font Color (CSS):'); ?> </label><input type="text" id="advfontcolor" onchange="advUpdate(this.value, 'fontcolor')" value="<?php echo attr(kubrick_header_color()); ?>" /><br />
<label for="advuppercolor"><?php _e('Upper Color (HEX):');?> </label><input type="text" id="advuppercolor" onchange="advUpdate(this.value, 'uppercolor')" value="#<?php echo attr(kubrick_upper_color()); ?>" /><br />
<label for="advlowercolor"><?php _e('Lower Color (HEX):'); ?> </label><input type="text" id="advlowercolor" onchange="advUpdate(this.value, 'lowercolor')" value="#<?php echo attr(kubrick_lower_color()); ?>" /><br />
<input type="button" class="button-secondary" name="default" value="<?php echo attr(__('Select Default Colors')); ?>" onclick="kDefaults()" /><br />
<input type="button" class="button-secondary" onclick="toggleDisplay();return false;" name="pick" id="pick" value="<?php echo attr(__('Toggle Text Display')); ?>"></input><br />
<input type="button" class="button-secondary" name="default" value="<?php _ea('Select Default Colors'); ?>" onclick="kDefaults()" /><br />
<input type="button" class="button-secondary" onclick="toggleDisplay();return false;" name="pick" id="pick" value="<?php _ea('Toggle Text Display'); ?>"></input><br />
</form>
</div>
</div>

2
wp-includes/default-widgets.php
View File

@ -852,7 +852,7 @@ function wp_widget_rss_form( $args, $inputs = null ) {
$number = attr( $number );
$title = attr( $title );
$url = attr( $url );
$url = clean_url( $url );
$items = (int) $items;
if ( $items < 1 || 20 < $items )
$items = 10;

2
wp-includes/general-template.php
View File

@ -121,7 +121,7 @@ function get_search_form() {
$form = '<form role="search" method="get" id="searchform" action="' . get_option('home') . '/" >
<div><label class="hidden" for="s">' . __('Search for:') . '</label>
<input type="text" value="' . attr(apply_filters('the_search_query', get_search_query())) . '" name="s" id="s" />
<input type="submit" id="searchsubmit" value="'.attr(__('Search')).'" />
<input type="submit" id="searchsubmit" value="'. _a('Search') .'" />
</div>
</form>';

6
wp-includes/post-template.php
View File

@ -707,7 +707,7 @@ function wp_dropdown_pages($args = '') {
if ( $show_option_no_change )
$output .= "\t<option value=\"-1\">$show_option_no_change</option>";
if ( $show_option_none )
$output .= "\t<option value=\"$option_none_value\">$show_option_none</option>\n";
$output .= "\t<option value=\"" . attr($option_none_value) . "\">$show_option_none</option>\n";
$output .= walk_page_dropdown_tree($pages, $depth, $r);
$output .= "</select>\n";
}
@ -1134,7 +1134,7 @@ function get_the_password_form() {
$label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID);
$output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post">
<p>' . __("This post is password protected. To view it please enter your password below:") . '</p>
<p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . __("Submit") . '" /></p>
<p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . _a("Submit") . '" /></p>
</form>
';
return apply_filters('the_password_form', $output);
@ -1316,7 +1316,7 @@ function wp_list_post_revisions( $post_id = 0, $args = null ) {
<div class="tablenav">
<div class="alignleft">
<input type="submit" class="button-secondary" value="<?php _e( 'Compare Revisions' ); ?>" />
<input type="submit" class="button-secondary" value="<?php _ea( 'Compare Revisions' ); ?>" />
<input type="hidden" name="action" value="diff" />
</div>
</div>