X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/699231ae09f7057a4d0000cdf32e50a3df6a04ca..9b5673a7aae863ab45c3b73460060352c5b3810b:/wp-admin/includes/template.php
diff --git a/wp-admin/includes/template.php b/wp-admin/includes/template.php
index e3981f22..fd7e76f9 100644
--- a/wp-admin/includes/template.php
+++ b/wp-admin/includes/template.php
@@ -847,7 +847,7 @@ function get_hidden_columns($screen) {
* @param string $screen
*/
function inline_edit_row( $screen ) {
- global $current_user, $mode;
+ global $mode;
if ( is_string($screen) ) {
$screen = array('id' => 'edit-' . $screen, 'base' => 'edit', 'post_type' => $screen );
@@ -928,7 +928,7 @@ endif; // post_type_supports title ?>
post_type, 'author' ) ) :
- $authors = get_editable_user_ids( $current_user->id, true, $screen->post_type ); // TODO: ROLE SYSTEM
+ $authors = get_editable_user_ids( get_current_user_id(), true, $screen->post_type ); // TODO: ROLE SYSTEM
$authors_dropdown = '';
if ( $authors && count( $authors ) > 1 ) :
$users_opt = array('include' => $authors, 'name' => 'post_author', 'class'=> 'authors', 'multi' => 1, 'echo' => 0);
@@ -1185,16 +1185,16 @@ function get_inline_data($post) {
if ( ! current_user_can($post_type_object->cap->edit_post, $post->ID) )
return;
- $title = esc_attr( get_the_title( $post->ID ) );
+ $title = htmlspecialchars( trim( $post->post_title ), ENT_QUOTES );
echo '
' . $title . '
' . apply_filters('editable_slug', $post->post_name) . '
' . $post->post_author . '
-
-
' . $post->ping_status . '
-
' . $post->post_status . '
+
+
' . esc_html( $post->ping_status ) . '
+
' . esc_html( $post->post_status ) . '
' . mysql2date( 'd', $post->post_date, false ) . '
' . mysql2date( 'm', $post->post_date, false ) . '
' . mysql2date( 'Y', $post->post_date, false ) . '
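Review bot: The slug is still echoed unescaped from `apply_filters('editable_slug', $post->post_name)`, while this hunk starts escaping the title, `ping_status` and `post_status` around it, so whatever a callback on that filter returns reaches the hidden inline-edit data as-is. Wrapping it as `esc_html( apply_filters('editable_slug', $post->post_name) )` would make the block consistent. The surrounding markup is stripped from this page, so confirm the value is emitted as element text and not inside an attribute. The new title line also calls `htmlspecialchars()` without a charset argument, so its handling of non-ASCII titles depends on the PHP default; passing the blog charset explicitly would remove that dependency. get_inline_data() continues past the end of this hunk.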
@@ -1269,7 +1269,7 @@ function post_rows( $posts = array() ) {
* @param unknown_type $mode
*/
function _post_row($a_post, $pending_comments, $mode) {
- global $post, $current_user, $current_screen;
+ global $post, $current_screen;
static $rowclass;
$global_post = $post;
@@ -1277,7 +1277,7 @@ function _post_row($a_post, $pending_comments, $mode) {
setup_postdata($post);
$rowclass = 'alternate' == $rowclass ? '' : 'alternate';
- $post_owner = ( $current_user->ID == $post->post_author ? 'self' : 'other' );
+ $post_owner = ( get_current_user_id() == $post->post_author ? 'self' : 'other' );
$edit_link = get_edit_post_link( $post->ID );
$title = _draft_or_post_title();
$post_type_object = get_post_type_object($post->post_type);
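Review bot: The ownership test `get_current_user_id() == $post->post_author` uses loose equality, and `post_author` is presumably a string read from the database row; `get_current_user_id() === (int) $post->post_author` states the intent without relying on PHP's type juggling. The same pattern recurs in the user_row() hunks (`get_current_user_id() == $user_object->ID` and the two `!=` checks in front of the delete/remove actions), where the result decides which row actions are offered, so an `(int)` cast with `===`/`!==` is worth applying there too. get_current_user_id() returns 0 when nobody is logged in, so these ID matches should stay paired with the `current_user_can()` checks and never stand in for them. _post_row() begins and ends outside this hunk.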
@@ -1390,7 +1390,7 @@ function _post_row($a_post, $pending_comments, $mode) {
if ( !empty( $categories ) ) {
$out = array();
foreach ( $categories as $c )
- $out[] = "
" . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "";
+ $out[] = "
" . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'category', 'display')) . "";
echo join( ', ', $out );
} else {
_e('Uncategorized');
@@ -1406,7 +1406,7 @@ function _post_row($a_post, $pending_comments, $mode) {
if ( !empty( $tags ) ) {
$out = array();
foreach ( $tags as $c )
- $out[] = "
" . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "";
+ $out[] = "
" . esc_html(sanitize_term_field('name', $c->name, $c->term_id, 'post_tag', 'display')) . "";
echo join( ', ', $out );
} else {
_e('No Tags');
@@ -1795,8 +1795,6 @@ function _page_rows( &$children_pages, &$count, $parent, $level, $pagenum, $per_
function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
global $wp_roles;
- $current_user = wp_get_current_user();
-
if ( !( is_object( $user_object) && is_a( $user_object, 'WP_User' ) ) )
$user_object = new WP_User( (int) $user_object );
$user_object = sanitize_user_object($user_object, 'display');
@@ -1813,7 +1811,7 @@ function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
if ( current_user_can( 'list_users' ) ) {
// Set up the user editing link
// TODO: make profile/user-edit determination a separate function
- if ($current_user->ID == $user_object->ID) {
+ if ( get_current_user_id() == $user_object->ID) {
$edit_link = 'profile.php';
} else {
$edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ), "user-edit.php?user_id=$user_object->ID" ) );
@@ -1830,9 +1828,9 @@ function user_row( $user_object, $style = '', $role = '', $numposts = 0 ) {
$edit = "
$user_object->user_login";
}
- if ( !is_multisite() && $current_user->ID != $user_object->ID && current_user_can('delete_user', $user_object->ID) )
+ if ( !is_multisite() && get_current_user_id() != $user_object->ID && current_user_can('delete_user', $user_object->ID) )
$actions['delete'] = "
" . __('Delete') . "";
- if ( is_multisite() && $current_user->ID != $user_object->ID && current_user_can('remove_user', $user_object->ID) )
+ if ( is_multisite() && get_current_user_id() != $user_object->ID && current_user_can('remove_user', $user_object->ID) )
$actions['remove'] = "
" . __('Remove') . "";
$actions = apply_filters('user_row_actions', $actions, $user_object);
$action_count = count($actions);
@@ -2225,8 +2223,6 @@ function _wp_comment_row( $comment_id, $mode, $comment_status, $checkbox = true,
* @param unknown_type $mode
*/
function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single', $table_row = true) {
- global $current_user;
-
// allow plugin to replace the popup content
$content = apply_filters( 'wp_comment_reply', '', array('position' => $position, 'checkbox' => $checkbox, 'mode' => $mode) );
@@ -2278,7 +2274,7 @@ function wp_comment_reply($position = '1', $checkbox = false, $mode = 'single',
-
+