<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[14127] trunk/wp-admin: Escape/texturize Admin menu titles.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/14127">14127</a></dd>
<dt>Author</dt> <dd>dd32</dd>
<dt>Date</dt> <dd>2010-04-18 03:38:47 +0000 (Sun, 18 Apr 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Escape/texturize Admin menu titles. Fixes page titles such as "Foo & Bar" not being entity encoded. Also includes some basic whitespace/standards cleanup to a related function. Fixes <a href="http://trac.wordpress.org/ticket/12039">#12039</a></pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminincludespluginphp">trunk/wp-admin/includes/plugin.php</a></li>
<li><a href="#trunkwpadminmenuheaderphp">trunk/wp-admin/menu-header.php</a></li>
<li><a href="#trunkwpadminmenuphp">trunk/wp-admin/menu.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminincludespluginphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/plugin.php (14126 => 14127)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/plugin.php        2010-04-18 02:56:00 UTC (rev 14126)
+++ trunk/wp-admin/includes/plugin.php        2010-04-18 03:38:47 UTC (rev 14127)
</span><span class="lines">@@ -818,22 +818,20 @@
</span><span class="cx">
</span><span class="cx">         $hookname = get_plugin_page_hookname( $menu_slug, '' );
</span><span class="cx">
</span><del>-        if (!empty ( $function ) && !empty ( $hookname ) && current_user_can( $capability ) )
</del><ins>+        if ( !empty( $function ) && !empty( $hookname ) && current_user_can( $capability ) )
</ins><span class="cx">                 add_action( $hookname, $function );
</span><span class="cx">
</span><del>-        if ( empty($icon_url) ) {
</del><ins>+        if ( empty($icon_url) )
</ins><span class="cx">                 $icon_url = esc_url( admin_url( 'images/generic.png' ) );
</span><del>-        } elseif ( is_ssl() && 0 === strpos($icon_url, 'http://') ) {
</del><ins>+        elseif ( is_ssl() && 0 === strpos($icon_url, 'http://') )
</ins><span class="cx">                 $icon_url = 'https://' . substr($icon_url, 7);
</span><del>-        }
</del><span class="cx">
</span><del>-        $new_menu = array ( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
</del><ins>+        $new_menu = array( $menu_title, $capability, $menu_slug, $page_title, 'menu-top ' . $hookname, $hookname, $icon_url );
</ins><span class="cx">
</span><del>-        if ( NULL === $position ) {
</del><ins>+        if ( null === $position )
</ins><span class="cx">                 $menu[] = $new_menu;
</span><del>-        } else {
</del><ins>+        else
</ins><span class="cx">                 $menu[$position] = $new_menu;
</span><del>-        }
</del><span class="cx">
</span><span class="cx">         $_registered_pages[$hookname] = true;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkwpadminmenuheaderphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/menu-header.php (14126 => 14127)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/menu-header.php        2010-04-18 02:56:00 UTC (rev 14126)
+++ trunk/wp-admin/menu-header.php        2010-04-18 03:38:47 UTC (rev 14127)
</span><span class="lines">@@ -69,6 +69,8 @@
</span><span class="cx">                 }
</span><span class="cx">                 $toggle = '<div class="wp-menu-toggle"><br /></div>';
</span><span class="cx">
</span><ins>+                $title = wptexturize($item[0]);
+
</ins><span class="cx">                 echo "\n\t<li$class$id>";
</span><span class="cx">
</span><span class="cx">                 if ( false !== strpos($class, 'wp-menu-separator') ) {
</span><span class="lines">@@ -81,9 +83,9 @@
</span><span class="cx">                                 $menu_file = substr($menu_file, 0, $pos);
</span><span class="cx">                         if ( ( ('index.php' != $submenu[$item[2]][0][2]) && file_exists(WP_PLUGIN_DIR . "/$menu_file") ) || !empty($menu_hook)) {
</span><span class="cx">                                 $admin_is_parent = true;
</span><del>-                                echo "<div class='wp-menu-image'><a href='admin.php?page={$submenu[$item[2]][0][2]}'>$img</a></div>$toggle<a href='admin.php?page={$submenu[$item[2]][0][2]}'$class$tabindex>{$item[0]}</a>";
</del><ins>+                                echo "<div class='wp-menu-image'><a href='admin.php?page={$submenu[$item[2]][0][2]}'>$img</a></div>$toggle<a href='admin.php?page={$submenu[$item[2]][0][2]}'$class$tabindex>$title</a>";
</ins><span class="cx">                         } else {
</span><del>-                                echo "\n\t<div class='wp-menu-image'><a href='{$submenu[$item[2]][0][2]}'>$img</a></div>$toggle<a href='{$submenu[$item[2]][0][2]}'$class$tabindex>{$item[0]}</a>";
</del><ins>+                                echo "\n\t<div class='wp-menu-image'><a href='{$submenu[$item[2]][0][2]}'>$img</a></div>$toggle<a href='{$submenu[$item[2]][0][2]}'$class$tabindex>$title</a>";
</ins><span class="cx">                         }
</span><span class="cx">                 } else if ( current_user_can($item[1]) ) {
</span><span class="cx">                         $menu_hook = get_plugin_page_hook($item[2], 'admin.php');
</span><span class="lines">@@ -138,6 +140,8 @@
</span><span class="cx">                                 if ( false !== $pos = strpos($sub_file, '?') )
</span><span class="cx">                                         $sub_file = substr($sub_file, 0, $pos);
</span><span class="cx">
</span><ins>+                                $title = wptexturize($sub_item[0]);
+
</ins><span class="cx">                                 if ( ( ('index.php' != $sub_item[2]) && file_exists(WP_PLUGIN_DIR . "/$sub_file") ) || ! empty($menu_hook) ) {
</span><span class="cx">                                         // If admin.php is the current page or if the parent exists as a file in the plugins or admin dir
</span><span class="cx">                                         if ( (!$admin_is_parent && file_exists(WP_PLUGIN_DIR . "/$menu_file") && !is_dir(WP_PLUGIN_DIR . "/{$item[2]}")) || file_exists($menu_file) )
</span><span class="lines">@@ -145,9 +149,9 @@
</span><span class="cx">                                         else
</span><span class="cx">                                                 $sub_item_url = add_query_arg( array('page' => $sub_item[2]), 'admin.php' );
</span><span class="cx">                                         $sub_item_url = esc_url($sub_item_url);
</span><del>-                                        echo "<li$class><a href='$sub_item_url'$class$tabindex>{$sub_item[0]}</a></li>";
</del><ins>+                                        echo "<li$class><a href='$sub_item_url'$class$tabindex>$title</a></li>";
</ins><span class="cx">                                 } else {
</span><del>-                                        echo "<li$class><a href='{$sub_item[2]}'$class$tabindex>{$sub_item[0]}</a></li>";
</del><ins>+                                        echo "<li$class><a href='{$sub_item[2]}'$class$tabindex>$title</a></li>";
</ins><span class="cx">                                 }
</span><span class="cx">                         }
</span><span class="cx">                         echo "</ul></div>";
</span></span></pre></div>
<a id="trunkwpadminmenuphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/menu.php (14126 => 14127)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/menu.php        2010-04-18 02:56:00 UTC (rev 14126)
+++ trunk/wp-admin/menu.php        2010-04-18 03:38:47 UTC (rev 14127)
</span><span class="lines">@@ -179,7 +179,7 @@
</span><span class="cx">
</span><span class="cx"> if ( current_user_can('edit_users') ) {
</span><span class="cx">         $_wp_real_parent_file['profile.php'] = 'users.php'; // Back-compat for plugins adding submenus to profile.php.
</span><del>-        $submenu['users.php'][5] = array(__('Authors &amp; Users'), 'edit_users', 'users.php');
</del><ins>+        $submenu['users.php'][5] = array(__('Authors & Users'), 'edit_users', 'users.php');
</ins><span class="cx">         $submenu['users.php'][10] = array(_x('Add New', 'user'), 'create_users', 'user-new.php');
</span><span class="cx">
</span><span class="cx">         $submenu['users.php'][15] = array(__('Your Profile'), 'read', 'profile.php');
</span></span></pre>
</div>
</div>
</body>
</html>