From 8d349aa85c0d0f2391a4326fc64a935a3f4cd615 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Sun, 23 Sep 2007 19:25:15 +0000
Subject: [PATCH] Add some filtering. Props jhodgdon. fixes #3595

git-svn-id: http://svn.automattic.com/wordpress/trunk@6160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/bookmark-template.php | 4 ++--
 wp-includes/deprecated.php        | 8 ++++----
 wp-links-opml.php                 | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/wp-includes/bookmark-template.php b/wp-includes/bookmark-template.php
index dcc2e4141..44ac6ba80 100644
--- a/wp-includes/bookmark-template.php
+++ b/wp-includes/bookmark-template.php
@@ -25,8 +25,8 @@ function _walk_bookmarks($bookmarks, $args = '' ) {
 		if ( '' != $rel )
 			$rel = ' rel="' . $rel . '"';
 
-		$desc = attribute_escape(apply_filters('link_description', $bookmark->link_description));
- 		$name = attribute_escape(apply_filters('link_title', $bookmark->link_name));
+		$desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
+		$name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
  		$title = $desc;
 
 		if ( $show_updated )
diff --git a/wp-includes/deprecated.php b/wp-includes/deprecated.php
index e20a71686..3bc3c0ca9 100644
--- a/wp-includes/deprecated.php
+++ b/wp-includes/deprecated.php
@@ -585,8 +585,8 @@ function get_links($category = -1,
 		if ( '' != $rel )
 			$rel = ' rel="' . $rel . '"';
 
-		$desc = attribute_escape($row->link_description);
-		$name = attribute_escape($row->link_name);
+		$desc = attribute_escape(sanitize_bookmark_field('link_description', $row->link_description, $row->link_id, 'display'));
+		$name = attribute_escape(sanitize_bookmark_field('link_name', $row->link_name, $row->link_id, 'display'));
 		$title = $desc;
 
 		if ( $show_updated )
@@ -667,7 +667,7 @@ function get_links_list($order = 'name', $hide_if_empty = 'obsolete') {
 			// Handle each category.
 
 			// Display the category name
-			echo '	<li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . $cat->name . "</h2>\n\t<ul>\n";
+			echo '  <li id="linkcat-' . $cat->term_id . '" class="linkcat"><h2>' . apply_filters('link_category', $cat->name ) . "</h2>\n\t<ul>\n";
 			// Call get_links() with all the appropriate params
 			get_links($cat->term_id, '<li>', "</li>", "\n", true, 'name', false);
 
@@ -704,7 +704,7 @@ function links_popup_script($text = 'Links', $width=400, $height=400, $file='lin
 
 
 function get_linkrating($link) {
-	return apply_filters('link_rating', $link->link_rating);
+	return sanitize_bookmark_field('link_rating', $link->link_rating, $link->link_id, 'display');
 }
 
 /** function get_linkcatname()
diff --git a/wp-links-opml.php b/wp-links-opml.php
index 5f97a5e76..2ee775168 100644
--- a/wp-links-opml.php
+++ b/wp-links-opml.php
@@ -17,7 +17,7 @@ if ((empty ($link_cat)) || ($link_cat == 'all') || ($link_cat == '0')) {
 <!-- generator="wordpress/<?php bloginfo_rss('version') ?>" -->
 <opml version="1.0">
 	<head>
-		<title>Links for <?php echo attribute_escape(get_bloginfo('name').$cat_name); ?></title>
+		<title>Links for <?php echo attribute_escape(get_bloginfo('name', 'display').$cat_name); ?></title>
 		<dateCreated><?php echo gmdate("D, d M Y H:i:s"); ?> GMT</dateCreated>
 	</head>
 	<body>