mirror_php/wordpress
1
0
Fork 0
mirror of git://develop.git.wordpress.org/ synced 2025-04-06 21:23:29 +02:00
Code Issues Actions 11 Packages Projects Releases Wiki Activity

Coding Standards: Improve escaping in wp-admin/theme-install.php.

Browse Source 
* Rename a duplicate `$feature_name` variable to `$feature_group` for clarity.
* Escape the remaining `$feature_name` variable.

Follow-up to [27636], [35273].

Props sabbirshouvo, sabernhardt, mukesh27, afragen.
Fixes #54277.

git-svn-id: https://develop.svn.wordpress.org/trunk@51923 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov 2021-10-20 19:17:00 +00:00
parent caec0f8b4c
commit 85d529d100
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/wp-admin/theme-install.php
View File

@ -221,15 +221,14 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
// and to ensure tags are translated.
$feature_list = get_theme_feature_list( false );
foreach ( $feature_list as $feature_name => $features ) {
foreach ( $feature_list as $feature_group => $features ) {
echo '<fieldset class="filter-group">';
$feature_name = esc_html( $feature_name );
echo '<legend>' . $feature_name . '</legend>';
echo '<legend>' . esc_html( $feature_group ) . '</legend>';
echo '<div class="filter-group-feature">';
foreach ( $features as $feature => $feature_name ) {
$feature = esc_attr( $feature );
echo '<input type="checkbox" id="filter-id-' . $feature . '" value="' . $feature . '" /> ';
echo '<label for="filter-id-' . $feature . '">' . $feature_name . '</label>';
echo '<label for="filter-id-' . $feature . '">' . esc_html( $feature_name ) . '</label>';
}
echo '</div>';
echo '</fieldset>';