<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[13105] trunk/wp-content/themes/twentyten: Remove Direct SQL,
  Use new esc_html() function, Correct the case of the ID keys.</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/13105">13105</a></dd>
<dt>Author</dt> <dd>dd32</dd>
<dt>Date</dt> <dd>2010-02-13 09:59:16 +0000 (Sat, 13 Feb 2010)</dd>
</dl>

<h3>Log Message</h3>
<pre>Remove Direct SQL, Use new esc_html() function, Correct the case of the ID keys. See <a href="http://trac.wordpress.org/ticket/9015">#9015</a></pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpcontentthemestwentytenattachmentphp">trunk/wp-content/themes/twentyten/attachment.php</a></li>
<li><a href="#trunkwpcontentthemestwentytenheaderphp">trunk/wp-content/themes/twentyten/header.php</a></li>
<li><a href="#trunkwpcontentthemestwentytenindexphp">trunk/wp-content/themes/twentyten/index.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpcontentthemestwentytenattachmentphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-content/themes/twentyten/attachment.php (13104 => 13105)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-content/themes/twentyten/attachment.php        2010-02-13 09:49:44 UTC (rev 13104)
+++ trunk/wp-content/themes/twentyten/attachment.php        2010-02-13 09:59:16 UTC (rev 13105)
</span><span class="lines">@@ -5,7 +5,7 @@
</span><span class="cx"> 
</span><span class="cx"> &lt;?php the_post(); ?&gt;
</span><span class="cx"> 
</span><del>-                                &lt;p class=&quot;page-title&quot;&gt;&lt;a href=&quot;&lt;?php echo get_permalink($post-&gt;post_parent) ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( 'Return to %s', 'twentyten' ), wp_specialchars( get_the_title($post-&gt;post_parent), 1 ) ) ?&gt;&quot; rel=&quot;gallery&quot;&gt;&amp;larr; &lt;?php echo get_the_title($post-&gt;post_parent) ?&gt;&lt;/a&gt;&lt;/p&gt;
</del><ins>+                                &lt;p class=&quot;page-title&quot;&gt;&lt;a href=&quot;&lt;?php echo get_permalink($post-&gt;post_parent) ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( 'Return to %s', 'twentyten' ), esc_html( get_the_title($post-&gt;post_parent), 1 ) ) ?&gt;&quot; rel=&quot;gallery&quot;&gt;&amp;larr; &lt;?php echo get_the_title($post-&gt;post_parent) ?&gt;&lt;/a&gt;&lt;/p&gt;
</ins><span class="cx"> 
</span><span class="cx">                                 &lt;div id=&quot;post-&lt;?php the_ID(); ?&gt;&quot; &lt;?php post_class(); ?&gt;&gt;
</span><span class="cx">                                         &lt;h2 class=&quot;entry-title&quot;&gt;&lt;?php the_title(); ?&gt;&lt;/h2&gt;
</span><span class="lines">@@ -21,8 +21,8 @@
</span><span class="cx"> 
</span><span class="cx">                                         &lt;div class=&quot;entry-content&quot;&gt;
</span><span class="cx">                                                 &lt;div class=&quot;entry-attachment&quot;&gt;
</span><del>-&lt;?php if ( wp_attachment_is_image( $post-&gt;id ) ) : $att_image = wp_get_attachment_image_src( $post-&gt;id, array(640,640)); ?&gt;
-                                                &lt;p class=&quot;attachment&quot;&gt;&lt;a href=&quot;&lt;?php echo wp_get_attachment_url($post-&gt;id); ?&gt;&quot; title=&quot;&lt;?php echo esc_attr( get_the_title() ); ?&gt;&quot; rel=&quot;attachment&quot;&gt;&lt;img src=&quot;&lt;?php echo $att_image[0];?&gt;&quot; width=&quot;&lt;?php echo $att_image[1];?&gt;&quot; height=&quot;&lt;?php echo $att_image[2];?&gt;&quot;  class=&quot;attachment-medium&quot; alt=&quot;&lt;?php $post-&gt;post_excerpt; ?&gt;&quot; /&gt;&lt;/a&gt;
</del><ins>+&lt;?php if ( wp_attachment_is_image( $post-&gt;ID ) ) : $att_image = wp_get_attachment_image_src( $post-&gt;ID,  array(640, 640)); ?&gt;
+                                                &lt;p class=&quot;attachment&quot;&gt;&lt;a href=&quot;&lt;?php echo wp_get_attachment_url($post-&gt;ID); ?&gt;&quot; title=&quot;&lt;?php echo esc_attr( get_the_title() ); ?&gt;&quot; rel=&quot;attachment&quot;&gt;&lt;img src=&quot;&lt;?php echo $att_image[0];?&gt;&quot; width=&quot;&lt;?php echo $att_image[1];?&gt;&quot; height=&quot;&lt;?php echo $att_image[2];?&gt;&quot;  class=&quot;attachment-medium&quot; alt=&quot;&lt;?php $post-&gt;post_excerpt; ?&gt;&quot; /&gt;&lt;/a&gt;
</ins><span class="cx">                                                 &lt;/p&gt;
</span><span class="cx"> 
</span><span class="cx"> 
</span><span class="lines">@@ -47,7 +47,7 @@
</span><span class="cx">                                                 get_the_tag_list( __( ' and tagged ', 'twentyten' ), ', ', '' ),
</span><span class="cx">                                                 get_permalink(),
</span><span class="cx">                                                 the_title_attribute('echo=0'),
</span><del>-                                                comments_rss() ) ?&gt;
</del><ins>+                                                get_post_comments_feed_link() ) ?&gt;
</ins><span class="cx"> 
</span><span class="cx"> &lt;?php if ( comments_open() &amp;&amp; pings_open() ) : // Comments and trackbacks open ?&gt;
</span><span class="cx">                                                 &lt;?php printf( __( '&lt;a class=&quot;comment-link&quot; href=&quot;#respond&quot; title=&quot;Post a comment&quot;&gt;Post a comment&lt;/a&gt; or leave a trackback: &lt;a class=&quot;trackback-link&quot; href=&quot;%s&quot; title=&quot;Trackback URL for your post&quot; rel=&quot;trackback&quot;&gt;Trackback URL&lt;/a&gt;.', 'twentyten' ), get_trackback_url() ) ?&gt;
</span></span></pre></div>
<a id="trunkwpcontentthemestwentytenheaderphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-content/themes/twentyten/header.php (13104 => 13105)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-content/themes/twentyten/header.php        2010-02-13 09:49:44 UTC (rev 13104)
+++ trunk/wp-content/themes/twentyten/header.php        2010-02-13 09:59:16 UTC (rev 13105)
</span><span class="lines">@@ -5,7 +5,7 @@
</span><span class="cx">         if ( is_single() ) { single_post_title(); print ' | '; bloginfo('name'); }
</span><span class="cx">         elseif ( is_home() || is_front_page() ) { bloginfo('name'); print ' | '; bloginfo('description'); get_page_number(); }
</span><span class="cx">         elseif ( is_page() ) { single_post_title(''); print ' | '; bloginfo('name'); }
</span><del>-        elseif ( is_search() ) { print 'Search results for ' . wp_specialchars($s); get_page_number(); print ' | '; bloginfo('name'); }
</del><ins>+        elseif ( is_search() ) { print 'Search results for ' . esc_html($s); get_page_number(); print ' | '; bloginfo('name'); }
</ins><span class="cx">         elseif ( is_404() ) { print 'Not Found | '; bloginfo('name'); }
</span><span class="cx">         else { bloginfo('name'); wp_title('|'); get_page_number(); }
</span><span class="cx">     ?&gt;&lt;/title&gt;
</span><span class="lines">@@ -20,8 +20,8 @@
</span><span class="cx"> 
</span><span class="cx">         &lt;?php wp_head(); ?&gt;
</span><span class="cx"> 
</span><del>-        &lt;link rel=&quot;alternate&quot; type=&quot;application/rss+xml&quot; href=&quot;&lt;?php bloginfo('rss2_url'); ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( '%s latest posts', 'twentyten' ), wp_specialchars( get_bloginfo('name'), 1 ) ); ?&gt;&quot; /&gt;
-        &lt;link rel=&quot;alternate&quot; type=&quot;application/rss+xml&quot; href=&quot;&lt;?php bloginfo('comments_rss2_url') ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( '%s latest comments', 'twentyten' ), wp_specialchars( get_bloginfo('name'), 1 ) ); ?&gt;&quot; /&gt;
</del><ins>+        &lt;link rel=&quot;alternate&quot; type=&quot;application/rss+xml&quot; href=&quot;&lt;?php bloginfo('rss2_url'); ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( '%s latest posts', 'twentyten' ), esc_html( get_bloginfo('name') ) ); ?&gt;&quot; /&gt;
+        &lt;link rel=&quot;alternate&quot; type=&quot;application/rss+xml&quot; href=&quot;&lt;?php bloginfo('comments_rss2_url') ?&gt;&quot; title=&quot;&lt;?php printf( esc_attr__( '%s latest comments', 'twentyten' ), esc_html( get_bloginfo('name') ) ); ?&gt;&quot; /&gt;
</ins><span class="cx">         &lt;link rel=&quot;pingback&quot; href=&quot;&lt;?php bloginfo('pingback_url'); ?&gt;&quot; /&gt;
</span><span class="cx"> &lt;/head&gt;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkwpcontentthemestwentytenindexphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-content/themes/twentyten/index.php (13104 => 13105)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-content/themes/twentyten/index.php        2010-02-13 09:49:44 UTC (rev 13104)
+++ trunk/wp-content/themes/twentyten/index.php        2010-02-13 09:59:16 UTC (rev 13105)
</span><span class="lines">@@ -24,10 +24,14 @@
</span><span class="cx">                         &lt;/div&gt;&lt;!-- .entry-meta --&gt;
</span><span class="cx"> 
</span><span class="cx">                         &lt;div class=&quot;entry-content&quot;&gt;
</span><del>-                                &lt;div class=&quot;gallery-thumb&quot;&gt;&lt;a class=&quot;size-thumbnail&quot; href=&quot;&lt;?php permalink_link() ?&gt;&quot;&gt;&lt;?php $hilite = $wpdb-&gt;get_var( &quot;SELECT ID FROM $wpdb-&gt;posts WHERE post_parent = '$post-&gt;ID' AND post_type = 'attachment' LIMIT 1&quot; ); echo wp_get_attachment_image( $hilite, 'thumbnail' );?&gt;&lt;/a&gt;&lt;/div&gt;
</del><ins>+                                &lt;div class=&quot;gallery-thumb&quot;&gt;&lt;a class=&quot;size-thumbnail&quot; href=&quot;&lt;?php permalink_link() ?&gt;&quot;&gt;&lt;?php
+                                $images =&amp; get_children( array('post_parent' =&gt; $post-&gt;ID, 'post_type' =&gt; 'attachment', 'post_mime_type' =&gt; 'image', 'orderby' =&gt; 'menu_order', 'order' =&gt; 'ASC', 'numberposts' =&gt; 999) );
+                                $total_images = count($images);
+                                $image = array_shift($images);
+                                echo wp_get_attachment_image( $image-&gt;ID, 'thumbnail' );
+                                ?&gt;&lt;/a&gt;&lt;/div&gt;
+                                &lt;p&gt;&lt;em&gt;&lt;?php printf( __('This gallery contains &lt;a %1$s&gt;%2$s photos&lt;/a&gt;.', 'twentyten'), 'href=&quot;' . get_permalink() . '&quot; title=&quot;' . sprintf( esc_attr__('Permalink to %s', 'twentyten'), the_title_attribute('echo=0') ) . '&quot; rel=&quot;bookmark&quot;', $total_images ); ?&gt;&lt;/em&gt;&lt;/p&gt;
</ins><span class="cx"> 
</span><del>-                                &lt;p&gt;&lt;em&gt;&lt;?php printf( __('This gallery contains &lt;a %1$s&gt;%2$s photos&lt;/a&gt;.', 'twentyten'), 'href=&quot;' . get_permalink() . '&quot; title=&quot;' . sprintf( esc_attr__('Permalink to %s', 'twentyten'), the_title_attribute('echo=0') ) . '&quot; rel=&quot;bookmark&quot;', $wpdb-&gt;get_var( &quot;SELECT COUNT(*) FROM $wpdb-&gt;posts WHERE post_parent = '$post-&gt;ID' AND post_type = 'attachment'&quot; )); ?&gt;&lt;/em&gt;&lt;/p&gt;
-
</del><span class="cx">                                 &lt;?php the_excerpt(''); ?&gt;
</span><span class="cx">                         &lt;/div&gt;&lt;!-- .entry-content --&gt;
</span><span class="cx"> 
</span></span></pre>
</div>
</div>

</body>
</html>