HostForge-Systems/wordpress
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use js_escape. Props nbachiyski. fixes #3399

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@4535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan
2006-11-28 21:51:13 +00:00
parent 950ad14094
commit cc44db510d
15 changed files with 61 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/moderation.php
View File

@@ -135,7 +135,7 @@ $i = 0;
<?php comment_text() ?>
<p><?php comment_date('M j, g:i A'); ?> &#8212; [ <?php
echo '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'">' . __('Edit') . '</a> | ';
echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), js_escape($comment->comment_author)) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
echo " <a href=\"post.php?action=deletecomment&amp;p=".$comment->comment_post_ID."&amp;comment=".$comment->comment_ID."\" onclick=\"return deleteSomething( 'comment', $comment->comment_ID, '" . js_escape(sprintf(__("You are about to delete this comment by &quot;%s&quot;.\\n&quot;Cancel&quot; to stop, &quot;OK&quot; to delete."), $comment->comment_author )) . "', theCommentList );\">" . __('Delete ') . "</a> | "; ?>
<?php
$post = get_post($comment->comment_post_ID);
$post_title = wp_specialchars( $post->post_title, 'double' );