Filter HTML entities when inserting strings with js, includes patch by nbachiyski, fixes #8254

git-svn-id: https://develop.svn.wordpress.org/trunk@9809 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Ozz 2008-11-20 10:54:59 +00:00
parent abecad5356
commit 2f23018db2
3 changed files with 26 additions and 34 deletions

View File

@ -28,6 +28,20 @@ wp_admin_css( 'css/ie' );
<script type="text/javascript">
//<![CDATA[
addLoadEvent = function(func) {if (typeof jQuery != "undefined") jQuery(document).ready(func); else if (typeof wpOnload!='function'){wpOnload=func;} else {var oldonload=wpOnload; wpOnload=function(){oldonload();func();}}};
function convertEntities(o) {
var p = document.createElement('p');
var c = function(s) { p.innerHTML = s; return p.innerHTML; }
if ( typeof o === 'object' )
for (var v in o)
o[v] = c(o[v]);
else if ( typeof o === 'string' )
return c(o);
p = null;
};
//]]>
</script>
<?php

View File

@ -215,7 +215,7 @@ jQuery(document).ready( function($) {
});
var showNotice, adminMenu, columns;
(function($){
// stub for doing better warnings
showNotice = {
warn : function(text) {
@ -229,7 +229,6 @@ showNotice = {
alert(text);
}
};
})(jQuery);
(function($){
// sidebar admin menu
@ -350,39 +349,17 @@ columns = {
}
})(jQuery);
/*
(function($) {
$.fn.tTips = function() {
$('body').append('<div id="tTips"><p id="tTips_inside"></p></div>');
var TT = $('#tTips');
this.each(function() {
var el = $(this), txt;
if ( txt = el.attr('title') ) el.attr('tip', txt).removeAttr('title');
else return;
el.find('img').removeAttr('alt');
el.mouseover(function(e) {
txt = el.attr('tip'), o = el.offset();
clearTimeout(TT.sD);
TT.find('p').html(txt);
TT.css({'top': o.top - 43, 'left': o.left - 5});
TT.sD = setTimeout(function(){TT.fadeIn(150);}, 100);
});
el.mouseout(function() {
clearTimeout(TT.sD);
TT.css({display : 'none'});
})
});
$.attrEn = function(elem, name, value) {
if ( typeof value === 'string' )
value = $('<span>'+value+'</span>').html();
return $.attr(elem, name, value);
}
}(jQuery));
$.fn.valEn = function(value) {
if ( typeof value === 'string' )
value = $('<span>'+value+'</span>').html();
return $.fn.val.call(this, value);
}
})(jQuery);
*/
//jQuery(function(){jQuery('#media-buttons a').tTips();});

View File

@ -51,6 +51,7 @@ class WP_Scripts extends WP_Dependencies {
$eol = ",\n";
}
echo "\n\t}\n";
echo "try{convertEntities($object_name);}catch(e){};\n";
echo "/* ]]> */\n";
echo "</script>\n";