-function edit_link( $link_id = '' ) {
- if (!current_user_can( 'manage_links' ))
- wp_die( __( 'Cheatin’ uh?' ));
-
- $_POST['link_url'] = wp_specialchars( $_POST['link_url'] );
- $_POST['link_url'] = clean_url($_POST['link_url']);
- $_POST['link_name'] = wp_specialchars( $_POST['link_name'] );
- $_POST['link_image'] = wp_specialchars( $_POST['link_image'] );
- $_POST['link_rss'] = clean_url($_POST['link_rss']);
+/**
+ * Update or insert a link using values provided in $_POST.
+ *
+ * @since 2.0.0
+ *
+ * @param int $link_id Optional. ID of the link to edit.
+ * @return int|WP_Error Value 0 or WP_Error on failure. The link ID on success.
+ */
+function edit_link( $link_id = 0 ) {
+ if ( !current_user_can( 'manage_links' ) )
+ wp_die( __( 'Cheatin’ uh?' ) );
+
+ $_POST['link_url'] = esc_html( $_POST['link_url'] );
+ $_POST['link_url'] = esc_url($_POST['link_url']);
+ $_POST['link_name'] = esc_html( $_POST['link_name'] );
+ $_POST['link_image'] = esc_html( $_POST['link_image'] );
+ $_POST['link_rss'] = esc_url($_POST['link_rss']);
+ if ( !isset($_POST['link_visible']) || 'N' != $_POST['link_visible'] )
+ $_POST['link_visible'] = 'Y';