golem
/
twentyGOLEM
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Put aria-required in the proper place, and use htmlspecialchars for sanitizing textarea output. Props Mike Schinkel 

git-svn-id: http://svn.automattic.com/wordpress/trunk@8853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith 2008-09-09 19:08:22 +00:00
parent f4bc8da1a7
commit 9fcac7ad2d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/media.php
View File

@ -878,7 +878,7 @@ function get_media_item( $attachment_id, $args = null ) {
if ( !empty($field[$field['input']]) )
$item .= $field[$field['input']];
elseif ( $field['input'] == 'textarea' ) {
$item .= "<textarea type='text' id='$name' name='$name'>" . attribute_escape( $field['value'] ) . $aria_required . "</textarea>";
$item .= "<textarea type='text' id='$name' name='$name'" . $aria_required . ">" . htmlspecialchars( $field['value'] ) . "</textarea>";
} else {
$item .= "<input type='text' id='$name' name='$name' value='" . attribute_escape( $field['value'] ) . "'" . $aria_required . "/>";
}