]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-admin/sidebar.php
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Wordpress 2.8.5-scripts
[autoinstalls/wordpress.git] / wp-admin / sidebar.php
diff --git a/wp-admin/sidebar.php b/wp-admin/sidebar.php
index 210c0b9bfdc2b6b4fcbb91bf70547a2a39a539c0..62a375d40b73ed6472d6ac643f5f2a8b9c57128e 100644 (file)
--- a/wp-admin/sidebar.php
+++ b/wp-admin/sidebar.php
@@ -88,10 +88,10 @@ form {
 <form name="post" action="post.php" method="post">
 <div>
 <input type="hidden" name="action" value="post" />
 <form name="post" action="post.php" method="post">
 <div>
 <input type="hidden" name="action" value="post" />
-<input type="hidden" name="user_ID" value="<?php echo $user_ID ?>" />
+<input type="hidden" name="user_ID" value="<?php echo esc_attr($user_ID) ?>" />
 <input type="hidden" name="mode" value="sidebar" />
 <input type="hidden" name="mode" value="sidebar" />
-<input type="hidden" name="ping_status" value="<?php echo $post->ping_status; ?>" />
-<input type="hidden" name="comment_status" value="<?php echo $post->comment_status; ?>" />
+<input type="hidden" name="ping_status" value="<?php echo esc_attr($post->ping_status); ?>" />
+<input type="hidden" name="comment_status" value="<?php echo esc_attr($post->comment_status); ?>" />
 <?php wp_nonce_field('add-post');
 
 if ( 'b' == $_GET['a'] )
 <?php wp_nonce_field('add-post');
 
 if ( 'b' == $_GET['a'] )
@@ -116,9 +116,9 @@ elseif ( 'c' == $_GET['a'] )
 </div>
 
 <p>
 </div>
 
 <p>
-<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php _e('Save as Draft'); ?>" />
+<input name="saveasdraft" type="submit" id="saveasdraft" tabindex="9" accesskey="s" class="button" value="<?php esc_attr_e('Save as Draft'); ?>" />
 <?php if ( current_user_can('publish_posts') ) : ?>
 <?php if ( current_user_can('publish_posts') ) : ?>
-<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php _e('Publish') ?>" class="button button-highlighted" />
+<input name="publish" type="submit" id="publish" tabindex="6" accesskey="p" value="<?php esc_attr_e('Publish') ?>" class="button button-highlighted" />
 <?php endif; ?>
 </p>
 </div>
 <?php endif; ?>
 </p>
 </div>
WordPress autoinstaller for phpBB