X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/fa11948979fd6a4ea5705dc613b239699a459db3..53f4633144ed68c8b8fb5861f992b5489894a940:/wp-admin/credits.php
diff --git a/wp-admin/credits.php b/wp-admin/credits.php
index 059adc7c..33ae7081 100644
--- a/wp-admin/credits.php
+++ b/wp-admin/credits.php
@@ -18,7 +18,7 @@ $title = __( 'Credits' );
*
* @since 3.2.0
*
- * @return array A list of all of the contributors.
+ * @return array|false A list of all of the contributors, or false on error.
*/
function wp_credits() {
global $wp_version;
@@ -27,6 +27,7 @@ function wp_credits() {
$results = get_site_transient( 'wordpress_credits_' . $locale );
if ( ! is_array( $results )
+ || false !== strpos( $wp_version, '-' )
|| ( isset( $results['data']['version'] ) && strpos( $wp_version, $results['data']['version'] ) !== 0 )
) {
$response = wp_remote_get( "http://api.wordpress.org/core/credits/1.1/?version=$wp_version&locale=$locale" );
@@ -52,9 +53,8 @@ function wp_credits() {
* @since 3.2.0
*
* @param string &$display_name The contributor's display name, passed by reference.
- * @param string $user_name The contributor's username.
+ * @param string $username The contributor's username.
* @param string $profiles URL to the contributor's WordPress.org profile page.
- * @return string A contributor's display name, hyperlinked to a WordPress.org profile page.
*/
function _wp_credits_add_profile_link( &$display_name, $username, $profiles ) {
$display_name = '' . esc_html( $display_name ) . '';
@@ -67,10 +67,9 @@ function _wp_credits_add_profile_link( &$display_name, $username, $profiles ) {
* @since 3.2.0
*
* @param string &$data External library data, passed by reference.
- * @return string Link to the external library.
*/
function _wp_credits_build_object_link( &$data ) {
- $data = '' . $data[0] . '';
+ $data = '' . esc_html( $data[0] ) . '';
}
list( $display_version ) = explode( '-', $wp_version );
@@ -81,7 +80,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
-
+
@@ -101,17 +100,15 @@ $credits = wp_credits();
if ( ! $credits ) {
echo '' . sprintf( __( 'WordPress is created by a worldwide team of passionate individuals. Get involved in WordPress.' ),
- 'http://wordpress.org/about/',
+ 'https://wordpress.org/about/',
/* translators: Url to the codex documentation on contributing to WordPress used on the credits page */
- __( 'http://codex.wordpress.org/Contributing_to_WordPress' ) ) . '
';
+ __( 'https://codex.wordpress.org/Contributing_to_WordPress' ) ) . '';
include( ABSPATH . 'wp-admin/admin-footer.php' );
exit;
}
echo '' . __( 'WordPress is created by a worldwide team of passionate individuals.' ) . "
\n";
-$gravatar = is_ssl() ? 'https://secure.gravatar.com/avatar/' : 'http://0.gravatar.com/avatar/';
-
foreach ( $credits['groups'] as $group_slug => $group_data ) {
if ( $group_data['name'] ) {
if ( 'Translators' == $group_data['name'] ) {
@@ -123,7 +120,7 @@ foreach ( $credits['groups'] as $group_slug => $group_data ) {
$title = translate( $group_data['name'] );
}
- echo '' . $title . "
\n";
+ echo '' . esc_html( $title ) . "
\n";
}
if ( ! empty( $group_data['shuffle'] ) )
@@ -143,11 +140,14 @@ foreach ( $credits['groups'] as $group_slug => $group_data ) {
$classes = 'wp-people-group ' . ( $compact ? 'compact' : '' );
echo ' ![' . esc_attr( $person_data[0] ) . '](' . $gravatar . $person_data[1] . '?s=' . $size . '){kind=avatar}
' . "\n\t";
- echo '' . $person_data[0] . "\n\t";
+ echo '