@@ -386,10 +386,10 @@ class Custom_Image_Header {
-
-
+
+
-
+
diff --git a/wp-admin/edit-attachment-rows.php b/wp-admin/edit-attachment-rows.php
index eb742dac7..84a4f8cfe 100644
--- a/wp-admin/edit-attachment-rows.php
+++ b/wp-admin/edit-attachment-rows.php
@@ -62,7 +62,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
if ( $thumb = wp_get_attachment_image( $post->ID, array(80, 60), true ) ) {
?>
-
+
@@ -74,7 +74,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
case 'media':
?>
-
>
+ | >
ID))); ?>
$column_display_name ) {
$actions['edit'] = '' . __('Edit') . '';
if ( current_user_can('delete_post', $post->ID) )
$actions['delete'] = "ID) . "' onclick=\"if ( confirm('" . js_escape(sprintf( ('draft' == $post->post_status) ? __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete.") : __("You are about to delete this attachment '%s'\n 'Cancel' to stop, 'OK' to delete."), $post->post_title )) . "') ) { return true;}return false;\">" . __('Delete') . "";
- $actions['view'] = '' . __('View') . '';
+ $actions['view'] = '' . __('View') . '';
$action_count = count($actions);
$i = 0;
echo ' ';
@@ -182,7 +182,7 @@ foreach ($posts_columns as $column_name => $column_display_name ) {
case 'actions':
?>
>
- |
+ |
|
diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php
index 21dd065d1..5d69c9577 100644
--- a/wp-admin/edit-comments.php
+++ b/wp-admin/edit-comments.php
@@ -83,7 +83,7 @@ else
require_once('admin-header.php');
-$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : attr($_GET['mode']);
+$mode = ( ! isset($_GET['mode']) || empty($_GET['mode']) ) ? 'detail' : esc_attr($_GET['mode']);
$default_status = get_user_option('edit_comments_last_view');
if ( empty($default_status) )
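Review bot: `$mode` is escaped with `esc_attr()` where it is read from `$_GET`, not where it is printed, so the stored value is only correct for an HTML attribute context. Any later use in a URL, a script block or a string comparison would see entity-encoded text. The next hunk does the same for `$comment_type` and `$search`. Because `$comment_status` is already checked with `in_array()` against a fixed list (visible in the next hunk's header), `$mode` could be validated the same way, e.g. `if ( ! in_array( $mode, $allowed_modes ) ) $mode = 'detail';`, where `$allowed_modes` is a placeholder for the modes this screen supports. `esc_attr()` would then be applied only at the echo site. The code that outputs these variables is outside the hunk, so the contexts they reach are not visible here.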
@@ -94,10 +94,10 @@ if ( !in_array($comment_status, array('all', 'moderated', 'approved', 'spam')) )
if ( $comment_status != $default_status )
update_usermeta($current_user->ID, 'edit_comments_last_view', $comment_status);
-$comment_type = !empty($_GET['comment_type']) ? attr($_GET['comment_type']) : '';
+$comment_type = !empty($_GET['comment_type']) ? esc_attr($_GET['comment_type']) : '';
$search_dirty = ( isset($_GET['s']) ) ? $_GET['s'] : '';
-$search = attr( $search_dirty ); ?>
+$search = esc_attr( $search_dirty ); ?>
@@ -164,7 +164,7 @@ foreach ( $stati as $status => $label ) {
/*
// I toyed with this, but decided against it. Leaving it in here in case anyone thinks it is a good idea. ~ Mark
if ( !empty( $_GET['s'] ) )
- $link = add_query_arg( 's', attr( stripslashes( $_GET['s'] ) ), $link );
+ $link = add_query_arg( 's', esc_attr( stripslashes( $_GET['s'] ) ), $link );
*/
$status_links[] = " " . sprintf(
_n( $label[0], $label[1], $num_comments->$status ),
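Review bot: On the `add_query_arg( 's', esc_attr( stripslashes( $_GET['s'] ) ), $link )` line, `esc_attr()` is the wrong escaper for the context. The value goes into a URL query string, and `add_query_arg()` expects its values to be URL-encoded already, so characters such as `&`, `#` and `+` in a search term would corrupt or extend the query. The line sits inside a `/* … */` block and is inert today, but the comment invites re-enabling it. If it is kept, I would write `$link = add_query_arg( 's', urlencode( stripslashes( $_GET['s'] ) ), $link );` and pass the finished `$link` through `esc_url()` where it is printed. The enclosing `foreach` begins and ends outside this hunk, so the point where `$link` is echoed is not visible here.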
@@ -182,7 +182,7 @@ unset($status_links);
-
+
-
+
-
+
-
-
+
+
@@ -240,9 +240,9 @@ $page_links = paginate_links( array(
'' . number_format_i18n( $total ) . '',
$page_links
); echo $page_links_text; ?>
-
-
-
+
+
+
@@ -259,7 +259,7 @@ $page_links = paginate_links( array(
-
+
-
+
-
+
-
+
@@ -346,10 +346,10 @@ if ( $page_links )
-
+
-
+
@@ -360,12 +360,12 @@ if ( $page_links )
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index d1240b2d5..eadb7071b 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -33,11 +33,11 @@ $notices[1] = __( 'There is an autosave of this post that is more recent than th
if ( 0 == $post_ID ) {
$form_action = 'post';
$temp_ID = -1 * time(); // don't change this formula without looking at wp_write_post()
- $form_extra = "";
+ $form_extra = "";
$autosave = false;
} else {
$form_action = 'editpost';
- $form_extra = "";
+ $form_extra = "";
$autosave = wp_get_post_autosave( $post_ID );
// Detect if there exists an autosave newer than the post and if that autosave is different than the post
@@ -72,15 +72,15 @@ function post_submit_meta_box($post) {
-
+
post_status && 'future' != $post->post_status && 'pending' != $post->post_status ) { ?>
-post_status ) { ?>style="display:none" type="submit" name="save" id="save-post" value="" tabindex="4" class="button button-highlighted" />
+post_status ) { ?>style="display:none" type="submit" name="save" id="save-post" value="" tabindex="4" class="button button-highlighted" />
post_status && $can_publish ) { ?>
-
+
@@ -129,7 +129,7 @@ switch ( $post->post_status ) {
post_status ) { ?>style="display:none;" class="edit-post-status hide-if-no-js" tabindex='4'>
-
+
-
+
@@ -166,7 +166,7 @@ if ( $page_links )
-
+
@@ -211,7 +211,7 @@ if ( $page_links )
-
+
diff --git a/wp-admin/edit-link-category-form.php b/wp-admin/edit-link-category-form.php
index ba13e5873..be52d1c01 100644
--- a/wp-admin/edit-link-category-form.php
+++ b/wp-admin/edit-link-category-form.php
@@ -57,17 +57,17 @@ _fill_empty_link_category($category);
-
-
+
+
-
+
diff --git a/wp-admin/edit-link-form.php b/wp-admin/edit-link-form.php
index 4cb903c7c..42085c1aa 100644
--- a/wp-admin/edit-link-form.php
+++ b/wp-admin/edit-link-form.php
@@ -60,7 +60,7 @@ function link_submit_meta_box($link) {
-
+
@@ -91,9 +91,9 @@ if ( !empty($_GET['action']) && 'edit' == $_GET['action'] && current_user_can('m
link_id) ) { ?>
-
+
-
+
@@ -139,8 +139,8 @@ function link_categories_meta_box($link) { ?>
-
-
+
+
@@ -185,7 +185,7 @@ function link_xfn_meta_box($link) {
|
- |
+ |
@@ -305,11 +305,11 @@ function link_advanced_meta_box($link) {
-
+
diff --git a/wp-admin/import/blogger.php b/wp-admin/import/blogger.php
index 8d119eab0..2642c2714 100644
--- a/wp-admin/import/blogger.php
+++ b/wp-admin/import/blogger.php
@@ -51,7 +51,7 @@ class Blogger_Import {
$welcome = __('Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress blog.');
$prereqs = __('To use this importer, you must have a Google account and an upgraded (New, was Beta) blog hosted on blogspot.com or a custom domain (not FTP).');
$stepone = __('The first thing you need to do is tell Blogger to let WordPress access your account. You will be sent back here after providing authorization.');
- $auth = _a('Authorize');
+ $auth = esc_attr__('Authorize');
echo "
@@ -214,7 +214,7 @@ class Blogger_Import {
$value = $continue;
else
$value = $authors;
- $value = attr($value);
+ $value = esc_attr($value);
$blogtitle = js_escape( $blog['title'] );
$pdone = isset($blog['posts_done']) ? (int) $blog['posts_done'] : 0;
$cdone = isset($blog['comments_done']) ? (int) $blog['comments_done'] : 0;
@@ -663,7 +663,7 @@ class Blogger_Import {
foreach ( $blog['authors'] as $i => $author )
$rows .= " | | ";
- return " $heading$blogtitle$directions ";
+ return " $heading$blogtitle$directions ";
}
function get_user_options($current) {
@@ -832,7 +832,7 @@ class Blogger_Import {
if ( $saved && !isset($_GET['noheader']) ) {
$restart = __('Restart');
$message = __('We have saved some information about your Blogger account in your WordPress database. Clearing this information will allow you to start over. Restarting will not affect any posts you have already imported. If you attempt to re-import a blog, duplicate posts and comments will be skipped.');
- $submit = _a('Clear account information');
+ $submit = esc_attr__('Clear account information');
echo " ";
}
}
diff --git a/wp-admin/import/btt.php b/wp-admin/import/btt.php
index 9224336aa..a2aab3ffd 100644
--- a/wp-admin/import/btt.php
+++ b/wp-admin/import/btt.php
@@ -35,7 +35,7 @@ class BunnyTags_Import {
echo ' '.__('Don’t be stupid - backup your database before proceeding!').' ';
echo ' ';
echo ' ';
}
@@ -105,7 +105,7 @@ class BunnyTags_Import {
echo '';
echo '';
}
diff --git a/wp-admin/import/dotclear.php b/wp-admin/import/dotclear.php
index 5d52fd6c6..611e88733 100644
--- a/wp-admin/import/dotclear.php
+++ b/wp-admin/import/dotclear.php
@@ -215,7 +215,7 @@ class Dotclear_Import {
echo '';
}
@@ -632,7 +632,7 @@ class Dotclear_Import {
echo '';
}
@@ -645,7 +645,7 @@ class Dotclear_Import {
echo '';
}
@@ -659,7 +659,7 @@ class Dotclear_Import {
echo '';
}
@@ -671,7 +671,7 @@ class Dotclear_Import {
echo '';
}
@@ -684,7 +684,7 @@ class Dotclear_Import {
echo '';
}
diff --git a/wp-admin/import/greymatter.php b/wp-admin/import/greymatter.php
index f16ec4357..7e06f67ce 100644
--- a/wp-admin/import/greymatter.php
+++ b/wp-admin/import/greymatter.php
@@ -66,7 +66,7 @@ class GM_Import {
so you need to enter the number of the last GM post here. (if you don’t know that number, just log into your FTP and look it out in the entries’ folder)') ?> |
-
+
footer();
diff --git a/wp-admin/import/jkw.php b/wp-admin/import/jkw.php
index bf7e26993..d21d79a35 100644
--- a/wp-admin/import/jkw.php
+++ b/wp-admin/import/jkw.php
@@ -34,11 +34,11 @@ class JeromesKeyword_Import {
echo ' '.__('Don’t be stupid - backup your database before proceeding!').' ';
echo ' ';
echo ' ';
echo ' ';
}
@@ -120,7 +120,7 @@ class JeromesKeyword_Import {
echo '';
echo '';
}
@@ -153,7 +153,7 @@ class JeromesKeyword_Import {
}
echo '';
echo '';
}
diff --git a/wp-admin/import/livejournal.php b/wp-admin/import/livejournal.php
index 18a27bcc5..759d9129d 100644
--- a/wp-admin/import/livejournal.php
+++ b/wp-admin/import/livejournal.php
@@ -181,12 +181,12 @@ class LJ_API_Import {
auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
approximately %d' ), get_option( 'ljapi_comment_batch' ), $batch ) ?>
-
+
auto_ajax( 'ljapi-auto-repost', 'auto-message', 0 ); ?>
';
$str .= wp_nonce_field( 'lj-api-import', '_wpnonce', true, false );
$str .= wp_referer_field( false );
- $str .= '';
- $str .= ' ';
+ $str .= '';
+ $str .= ' ';
$str .= '';
return $str;
diff --git a/wp-admin/import/mt.php b/wp-admin/import/mt.php
index fc10b63d8..7b7502040 100644
--- a/wp-admin/import/mt.php
+++ b/wp-admin/import/mt.php
@@ -39,14 +39,14 @@ class MT_Import {
mt-export.txt in your /wp-content/ directory and then click "Import mt-export.txt"'); ?>
-
out of memory error try splitting up the import file into pieces.'); ?>
@@ -207,12 +207,12 @@ class MT_Import {
$j = -1;
foreach ($authors as $author) {
++ $j;
- echo ' |