[wp-trac] [WordPress Trac] #2892: JS confirmation dialog for
deletion in 'manage posts'
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 3 19:48:47 GMT 2006
#2892: JS confirmation dialog for deletion in 'manage posts'
----------------------------+-----------------------------------------------
Reporter: c0ldfusi0nz | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone:
Component: Administration | Version:
Severity: normal | Keywords:
----------------------------+-----------------------------------------------
Line #213 in wp-admin/edit.php
The javascript confirmation dialog fails to appear when trying to delete a
post under 'manage posts' if the title of the post contains any single
quotes. Thus the post is deleted without confirmation.
I see that wp_specialchars is encoding single quotes in the title as
' but the JS is converting that back to a single quote which ends the
message string early and results in the popup dialog's failure to appear.
I would recommend adding some logic to js_escape to make sure any single
quotes are getting escaped, such as a str_replace to add a backslash in
front of the ' chars.
--
Ticket URL: <http://trac.wordpress.org/ticket/2892>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list