}
$sendback = wp_get_referer();
- if (strpos($sendback, 'post.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/post-new.php';
- elseif (strpos($sendback, 'attachments.php') !== false) $sendback = get_option('siteurl') .'/wp-admin/attachments.php';
+ if (strpos($sendback, 'post.php') !== false) $sendback = admin_url('post-new.php');
+ elseif (strpos($sendback, 'attachments.php') !== false) $sendback = admin_url('attachments.php');
$sendback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $sendback);
wp_redirect($sendback);
?>
<p id="post-search">
+ <label class="hidden" for="post-search-input"><?php _e( 'Search Posts' ); ?>:</label>
<input type="text" id="post-search-input" name="s" value="<?php the_search_query(); ?>" />
<input type="submit" value="<?php _e( 'Search Posts' ); ?>" class="button" />
</p>
if ( 1 == count($posts) && is_singular() ) :
- $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = $id AND comment_approved != 'spam' ORDER BY comment_date");
+ $comments = $wpdb->get_results( $wpdb->prepare("SELECT * FROM $wpdb->comments WHERE comment_post_ID = %d AND comment_approved != 'spam' ORDER BY comment_date", $id) );
if ( $comments ) :
// Make sure comments, post, and post_author are cached
update_comment_cache($comments);