Skip to:
Content

bbPress.org

Ticket #2367: 2367.patch

File 2367.patch, 10.4 KB (added by johnjamesjacoby, 12 years ago)
  • includes/common/ajax.php

     
    2121 * @uses bbp_get_ajax_url() To get the URL to use for AJAX requests
    2222 */
    2323function bbp_ajax_url() {
    24         echo bbp_get_ajax_url();
     24        echo esc_url( bbp_get_ajax_url() );
    2525}
    2626        /**
    2727         * Return the URL to use for theme-side bbPress AJAX requests
  • includes/common/template-tags.php

     
    2424 * @param string $path Additional path with leading slash
    2525 */
    2626function bbp_forums_url( $path = '/' ) {
    27         echo bbp_get_forums_url( $path );
     27        echo esc_url( bbp_get_forums_url( $path ) );
    2828}
    2929        /**
    3030         * Return the forum URL
     
    4848 * @param string $path Additional path with leading slash
    4949 */
    5050function bbp_topics_url( $path = '/' ) {
    51         echo bbp_get_topics_url( $path );
     51        echo esc_url( bbp_get_topics_url( $path ) );
    5252}
    5353        /**
    5454         * Return the forum URL
     
    19441944 * @uses bbp_get_view_url() To get the view url
    19451945 */
    19461946function bbp_view_url( $view = false ) {
    1947         echo bbp_get_view_url( $view );
     1947        echo esc_url( bbp_get_view_url( $view ) );
    19481948}
    19491949        /**
    19501950         * Return the view url
  • includes/forums/template-tags.php

     
    230230 * @uses bbp_get_forum_permalink() To get the permalink
    231231 */
    232232function bbp_forum_permalink( $forum_id = 0 ) {
    233         echo bbp_get_forum_permalink( $forum_id );
     233        echo esc_url( bbp_get_forum_permalink( $forum_id ) );
    234234}
    235235        /**
    236236         * Return the link to the forum
     
    806806 *                                             permanent link
    807807 */
    808808function bbp_forum_last_topic_permalink( $forum_id = 0 ) {
    809         echo bbp_get_forum_last_topic_permalink( $forum_id );
     809        echo esc_url( bbp_get_forum_last_topic_permalink( $forum_id ) );
    810810}
    811811        /**
    812812         * Return the link to the last topic in a forum
     
    948948 * @uses bbp_get_forum_last_reply_permalink() To get the forum last reply link
    949949 */
    950950function bbp_forum_last_reply_permalink( $forum_id = 0 ) {
    951         echo bbp_get_forum_last_reply_permalink( $forum_id );
     951        echo esc_url( bbp_get_forum_last_reply_permalink( $forum_id ) );
    952952}
    953953        /**
    954954         * Return the link to the last reply in a forum
     
    977977 * @uses bbp_get_forum_last_reply_url() To get the forum last reply url
    978978 */
    979979function bbp_forum_last_reply_url( $forum_id = 0 ) {
    980         echo bbp_get_forum_last_reply_url( $forum_id );
     980        echo esc_url( bbp_get_forum_last_reply_url( $forum_id ) );
    981981}
    982982        /**
    983983         * Return the url to the last reply in a forum
  • includes/replies/template-tags.php

     
    366366 * @uses bbp_get_reply_permalink() To get the reply permalink
    367367 */
    368368function bbp_reply_permalink( $reply_id = 0 ) {
    369         echo bbp_get_reply_permalink( $reply_id );
     369        echo esc_url( bbp_get_reply_permalink( $reply_id ) );
    370370}
    371371        /**
    372372         * Return the link to the reply
     
    394394 * @uses bbp_get_reply_url() To get the reply url
    395395 */
    396396function bbp_reply_url( $reply_id = 0 ) {
    397         echo bbp_get_reply_url( $reply_id );
     397        echo esc_url( bbp_get_reply_url( $reply_id ) );
    398398}
    399399        /**
    400400         * Return the paginated url to the reply in the reply loop
     
    11801180 * @uses bbp_get_reply_author_url() To get the reply author url
    11811181 */
    11821182function bbp_reply_author_url( $reply_id = 0 ) {
    1183         echo bbp_get_reply_author_url( $reply_id );
     1183        echo esc_url( bbp_get_reply_author_url( $reply_id ) );
    11841184}
    11851185        /**
    11861186         * Return the author url of the reply
     
    18511851 * @uses bbp_get_reply_edit_url() To get the reply edit url
    18521852 */
    18531853function bbp_reply_edit_url( $reply_id = 0 ) {
    1854         echo bbp_get_reply_edit_url( $reply_id );
     1854        echo esc_url( bbp_get_reply_edit_url( $reply_id ) );
    18551855}
    18561856        /**
    18571857         * Return URL to the reply edit page
  • includes/search/template-tags.php

     
    246246 * @uses bbp_get_search_url() To get the search url
    247247 */
    248248function bbp_search_url() {
    249         echo bbp_get_search_url();
     249        echo esc_url( bbp_get_search_url() );
    250250}
    251251        /**
    252252         * Return the search url
     
    284284 * @uses bbp_get_search_url() To get the search url
    285285 */
    286286function bbp_search_results_url() {
    287         echo bbp_get_search_results_url();
     287        echo esc_url( bbp_get_search_results_url() );
    288288}
    289289        /**
    290290         * Return the search url
  • includes/topics/template-tags.php

     
    512512 * @uses bbp_get_topic_permalink() To get the topic permalink
    513513 */
    514514function bbp_topic_permalink( $topic_id = 0, $redirect_to = '' ) {
    515         echo bbp_get_topic_permalink( $topic_id, $redirect_to );
     515        echo esc_url( bbp_get_topic_permalink( $topic_id, $redirect_to ) );
    516516}
    517517        /**
    518518         * Return the link to the topic
     
    14761476 * @uses bbp_get_topic_author_url() To get the topic author url
    14771477 */
    14781478function bbp_topic_author_url( $topic_id = 0 ) {
    1479         echo bbp_get_topic_author_url( $topic_id );
     1479        echo esc_url( bbp_get_topic_author_url( $topic_id ) );
    14801480}
    14811481
    14821482        /**
     
    18141814 * @uses bbp_get_topic_last_reply_permalink() To get the topic's last reply link
    18151815 */
    18161816function bbp_topic_last_reply_permalink( $topic_id = 0 ) {
    1817         echo bbp_get_topic_last_reply_permalink( $topic_id );
     1817        echo esc_url( bbp_get_topic_last_reply_permalink( $topic_id ) );
    18181818}
    18191819        /**
    18201820         * Return the link to the last reply in a topic
     
    18431843 * @uses bbp_get_topic_last_reply_url() To get the topic last reply url
    18441844 */
    18451845function bbp_topic_last_reply_url( $topic_id = 0 ) {
    1846         echo bbp_get_topic_last_reply_url( $topic_id );
     1846        echo esc_url( bbp_get_topic_last_reply_url( $topic_id ) );
    18471847}
    18481848        /**
    18491849         * Return the link to the last reply in a topic
     
    19061906                $time_since = bbp_get_topic_last_active_time( $topic_id );
    19071907
    19081908                if ( !empty( $time_since ) )
    1909                         $anchor = '<a href="' . $link_url . '" title="' . esc_attr( $title ) . '">' . $time_since . '</a>';
     1909                        $anchor = '<a href="' . esc_url( $link_url ) . '" title="' . esc_attr( $title ) . '">' . esc_html( $time_since ) . '</a>';
    19101910                else
    19111911                        $anchor = __( 'No Replies', 'bbpress' );
    19121912
     
    23582358                if ( empty( $uri ) )
    23592359                        return;
    23602360
    2361                 $retval = $r['link_before'] . '<a href="' . $uri . '">' . $r['edit_text'] . '</a>' . $r['link_after'];
     2361                $retval = $r['link_before'] . '<a href="' . esc_url( $uri ) . '">' . $r['edit_text'] . '</a>' . $r['link_after'];
    23622362
    23632363                return apply_filters( 'bbp_get_topic_edit_link', $retval, $r );
    23642364        }
     
    23722372 * @uses bbp_get_topic_edit_url() To get the topic edit url
    23732373 */
    23742374function bbp_topic_edit_url( $topic_id = 0 ) {
    2375         echo bbp_get_topic_edit_url( $topic_id );
     2375        echo esc_url( bbp_get_topic_edit_url( $topic_id ) );
    23762376}
    23772377        /**
    23782378         * Return URL to the topic edit page
     
    32423242 * @uses bbp_get_topic_tag_link()
    32433243 */
    32443244function bbp_topic_tag_link( $tag = '' ) {
    3245         echo bbp_get_topic_tag_link( $tag );
     3245        echo esc_url( bbp_get_topic_tag_link( $tag ) );
    32463246}
    32473247        /**
    32483248         * Return the link of the current tag
     
    32863286 * @uses bbp_get_topic_tag_edit_link()
    32873287 */
    32883288function bbp_topic_tag_edit_link( $tag = '' ) {
    3289         echo bbp_get_topic_tag_edit_link( $tag );
     3289        echo esc_url( bbp_get_topic_tag_edit_link( $tag ) );
    32903290}
    32913291        /**
    32923292         * Return the link of the current tag
  • includes/users/template-tags.php

     
    255255                        return false;
    256256
    257257                $user      = get_userdata( $user_id );
    258                 $name      = esc_attr( $user->display_name );
    259                 $user_link = '<a href="' . bbp_get_user_profile_url( $user_id ) . '">' . $name . '</a>';
     258                $user_link = '<a href="' . esc_url( bbp_get_user_profile_url( $user_id ) ) . '">' . esc_html( $user->display_name ) . '</a>';
    260259
    261260                return apply_filters( 'bbp_get_user_profile_link', $user_link, $user_id );
    262261        }
     
    323322 * @uses bbp_get_user_profile_url() To get user profile url
    324323 */
    325324function bbp_user_profile_url( $user_id = 0, $user_nicename = '' ) {
    326         echo bbp_get_user_profile_url( $user_id, $user_nicename );
     325        echo esc_url( bbp_get_user_profile_url( $user_id, $user_nicename ) );
    327326}
    328327        /**
    329328         * Return URL to the profile page of a user
     
    406405                        return false;
    407406
    408407                $user      = get_userdata( $user_id );
    409                 $name      = $user->display_name;
    410                 $edit_link = '<a href="' . bbp_get_user_profile_url( $user_id ) . '">' . $name . '</a>';
     408                $edit_link = '<a href="' . esc_url( bbp_get_user_profile_url( $user_id ) ) . '">' . esc_html( $user->display_name ) . '</a>';
    411409                return apply_filters( 'bbp_get_user_profile_edit_link', $edit_link, $user_id );
    412410        }
    413411
     
    421419 * @uses bbp_get_user_profile_edit_url() To get user profile edit url
    422420 */
    423421function bbp_user_profile_edit_url( $user_id = 0, $user_nicename = '' ) {
    424         echo bbp_get_user_profile_edit_url( $user_id, $user_nicename );
     422        echo esc_url( bbp_get_user_profile_edit_url( $user_id, $user_nicename ) );
    425423}
    426424        /**
    427425         * Return URL to the profile edit page of a user
     
    562560                        'after'  => ''
    563561                ), 'get_admin_link' );
    564562
    565                 $retval = $r['before'] . '<a href="' . admin_url() . '">' . $r['text'] . '</a>' . $r['after'];
     563                $retval = $r['before'] . '<a href="' . esc_url( admin_url() ) . '">' . $r['text'] . '</a>' . $r['after'];
    566564
    567565                return apply_filters( 'bbp_get_admin_link', $retval, $r );
    568566        }
     
    625623 * @uses bbp_get_favorites_permalink() To get the favorites permalink
    626624 */
    627625function bbp_favorites_permalink( $user_id = 0 ) {
    628         echo bbp_get_favorites_permalink( $user_id );
     626        echo esc_url( bbp_get_favorites_permalink( $user_id ) );
    629627}
    630628        /**
    631629         * Return the link to the user's favorites page (profile page)
     
    787785 * @uses bbp_get_subscriptions_permalink() To get the subscriptions link
    788786 */
    789787function bbp_subscriptions_permalink( $user_id = 0 ) {
    790         echo bbp_get_subscriptions_permalink( $user_id );
     788        echo esc_url( bbp_get_subscriptions_permalink( $user_id ) );
    791789}
    792790        /**
    793791         * Return the link to the user's subscriptions page (profile page)
     
    11151113 * @uses bbp_get_favorites_permalink() To get the favorites permalink
    11161114 */
    11171115function bbp_user_topics_created_url( $user_id = 0 ) {
    1118         echo bbp_get_user_topics_created_url( $user_id );
     1116        echo esc_url( bbp_get_user_topics_created_url( $user_id ) );
    11191117}
    11201118        /**
    11211119         * Return the link to the user's topics
     
    11751173 * @uses bbp_get_favorites_permalink() To get the favorites permalink
    11761174 */
    11771175function bbp_user_replies_created_url( $user_id = 0 ) {
    1178         echo bbp_get_user_replies_created_url( $user_id );
     1176        echo esc_url( bbp_get_user_replies_created_url( $user_id ) );
    11791177}
    11801178        /**
    11811179         * Return the link to the user's replies