[wp-hackers] Quotes no longer escaped in get_links
lists at basilcrow.com
Sun Dec 19 02:13:51 UTC 2004
I have some items in the links manager that contain apostrophes in the
description, such as "My friend's weblog." In calling get_links(), the
$desc / $title variable in lines 185-186 doesn't escape the single
quote, so when it is placed in the context of <a
href='http://example.com/' rel='friend met' title='My friend's weblog'>,
the apostrophe in the title attribute leads to incorrect and invalid
markup. For the meantime, I changed line 197 to read $title = "
title=\"$title\""; By putting the HTML attribute in double quotes, the
problem is worked around. But I'm hoping the devs were planning to fix
this escaping problem. The last time I mentioned an blog-header.php bug,
Ryan Boren fixed it in CVS a few days later, to my delightful surprise.
More information about the hackers