diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index e261e8540..6a36c3a8e 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -216,28 +216,30 @@ function has_meta($postid) {
function list_meta($meta) {
global $post_ID;
// Exit if no meta
- if (!$meta) return;
-
-
- print "
-
-
-
-
+
+
+
escape( stripslashes( trim($_POST['metakeyselect']) ) );
+ $metakeyinput = $wpdb->escape( stripslashes( trim($_POST['metakeyinput']) ) );
+ $metavalue = $wpdb->escape( stripslashes( trim($_POST['metavalue']) ) );
if (!empty($metavalue) && ((('#NONE#' != $metakeyselect) && !empty($metakeyselect)) || !empty($metakeyinput))) {
// We have a key/value pair. If both the select and the
@@ -314,7 +310,7 @@ function add_meta($post_ID) {
function del_meta($mid) {
global $wpdb, $tablepostmeta;
-
+
$result = $wpdb->query("DELETE FROM $tablepostmeta WHERE meta_id = '$mid'");
}
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php
index a5c1e9fdd..8cf4bf5cb 100644
--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -139,19 +139,6 @@ if ($action != 'editcomment') {
}
}
?>
-
-
-
-
-
-
@@ -179,11 +166,23 @@ if ('' != $pinged) {
if ($user_level > 4) {
touch_time(($action == 'edit'));
}
-if ('edit' == $action) echo "
-" . __('Delete this post') . "
";
?>
-
+
+
+
+
+
+
-
+