Changeset 4950 for trunk/includes/admin/forums.php

Timestamp:

05/27/2013 06:16:35 AM (13 years ago)

Author:

johnjamesjacoby

Message:

In admin, escape output of translated text where appropriate. Also review and refresh existing escaping approaches. See #1999.

File:

• trunk/includes/admin/forums.php (modified) (2 diffs)

trunk/includes/admin/forums.php

@@ -449 +449 @@
 
             case 'bbp_forum_created':
-                printf( __( '%1$s <br /> %2$s', 'bbpress' ),
+                printf( '%1$s <br /> %2$s',
                     get_the_date(),
                     esc_attr( get_the_time() )
@@ -459 +459 @@
                 $last_active = bbp_get_forum_last_active_time( $forum_id, false );
                 if ( !empty( $last_active ) )
-                    echo $last_active;
+                    echo esc_html( $last_active );
                 else
-                    _e( 'No Topics', 'bbpress' );
+                    esc_html_e( 'No Topics', 'bbpress' );
 
                 break;