X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/98a4d31e52bd56c908617df281730bd4ba58d110..refs/tags/wordpress-2.9:/wp-includes/comment-template.php diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php index e87801b6..321080af 100644 --- a/wp-includes/comment-template.php +++ b/wp-includes/comment-template.php @@ -338,6 +338,8 @@ function get_comment_class( $class = '', $comment_id = null, $post_id = null ) { $classes = array_merge($classes, $class); } + $classes = array_map('esc_attr', $classes); + return apply_filters('comment_class', $classes, $class, $comment_id, $post_id); } @@ -530,7 +532,7 @@ function get_comments_number( $post_id = 0 ) { else $count = $post->comment_count; - return apply_filters('get_comments_number', $count); + return apply_filters('get_comments_number', $count, $post_id); } /** @@ -597,12 +599,12 @@ function comment_text() { */ function get_comment_time( $d = '', $gmt = false, $translate = true ) { global $comment; - $comment_date = $gmt? $comment->comment_date_gmt : $comment->comment_date; + $comment_date = $gmt ? $comment->comment_date_gmt : $comment->comment_date; if ( '' == $d ) $date = mysql2date(get_option('time_format'), $comment_date, $translate); else $date = mysql2date($d, $comment_date, $translate); - return apply_filters('get_comment_time', $date, $d, $gmt); + return apply_filters('get_comment_time', $date, $d, $gmt, $translate); } /** @@ -811,7 +813,7 @@ function wp_comment_form_unfiltered_html_nonce() { function comments_template( $file = '/comments.php', $separate_comments = false ) { global $wp_query, $withcomments, $post, $wpdb, $id, $comment, $user_login, $user_ID, $user_identity, $overridden_cpage; - if ( ! (is_single() || is_page() || $withcomments) ) + if ( !(is_single() || is_page() || $withcomments) || empty($post) ) return; if ( empty($file) ) @@ -833,12 +835,12 @@ function comments_template( $file = '/comments.php', $separate_comments = false /** * The email address of the current comment author escaped for use in attributes. - */ + */ $comment_author_email = $commenter['comment_author_email']; // Escaped by sanitize_comment_cookies() /** * The url of the current comment author escaped for use in attributes. - */ + */ $comment_author_url = esc_url($commenter['comment_author_url']); /** @todo Use API instead of SELECTs. */ @@ -940,7 +942,7 @@ function comments_popup_link( $zero = false, $one = false, $more = false, $css_c $number = get_comments_number( $id ); if ( 0 == $number && !comments_open() && !pings_open() ) { - echo '' . $none . ''; + echo '' . $none . ''; return; } @@ -968,11 +970,11 @@ function comments_popup_link( $zero = false, $one = false, $more = false, $css_c if ( !empty( $css_class ) ) { echo ' class="'.$css_class.'" '; } - $title = esc_attr( get_the_title() ); + $title = the_title_attribute( 'echo=0' ); echo apply_filters( 'comments_popup_link_attributes', '' ); - echo ' title="' . sprintf( __('Comment on %s'), $title ) . '">'; + echo ' title="' . esc_attr( sprintf( __('Comment on %s'), $title ) ) . '">'; comments_number( $zero, $one, $more, $number ); echo ''; } @@ -1253,7 +1255,7 @@ class Walker_Comment extends Walker { } ?> < id="comment-"> - +
@@ -1272,7 +1274,7 @@ class Walker_Comment extends Walker {
$add_below, 'depth' => $depth, 'max_depth' => $args['max_depth']))) ?>
- +