Context Navigation

← Previous Changeset
Next Changeset →

Changeset 61427

Timestamp:

01/03/2026 10:24:48 PM (3 months ago)

Author:

SergeyBiryukov

Message:

Bundled Themes: Consistently escape get_search_query() in search.php templates.

Props sabernhardt, himshekhar07, petitphp, karmatosed, SergeyBiryukov.
Fixes #58127.

Location:

trunk/src/wp-content/themes

Files:

: 12 edited

twentyeleven/search.php (modified) (1 diff)
twentyfifteen/search.php (modified) (1 diff)
twentyfourteen/search.php (modified) (1 diff)
twentynineteen/search.php (modified) (1 diff)
twentyseventeen/search.php (modified) (1 diff)
twentysixteen/search.php (modified) (1 diff)
twentyten/search.php (modified) (1 diff)
twentythirteen/search.php (modified) (1 diff)
twentytwelve/search.php (modified) (1 diff)
twentytwenty/index.php (modified) (1 diff)
twentytwentyone/search.php (modified) (1 diff)
twentytwentyone/template-parts/content/content-none.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/wp-content/themes/twentyeleven/search.php

r47122	r61427
19	19	<?php
20	20	/* translators: %s: Search query. */
21		printf( __( 'Search Results for: %s', 'twentyeleven' ), '<span>' . ~~get_search_query(~~) . '</span>' );
	21	printf( __( 'Search Results for: %s', 'twentyeleven' ), '<span>' . esc_html( get_search_query( false ) ) . '</span>' );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentyfifteen/search.php

r55276	r61427
19	19	<?php
20	20	/* translators: %s: Search query. */
21		printf( __( 'Search Results for: %s', 'twentyfifteen' ), ~~get_search_query(~~) );
	21	printf( __( 'Search Results for: %s', 'twentyfifteen' ), esc_html( get_search_query( false ) ) );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentyfourteen/search.php

r47122	r61427
19	19	<?php
20	20	/* translators: %s: Search query. */
21		printf( __( 'Search Results for: %s', 'twentyfourteen' ), ~~get_search_query(~~) );
	21	printf( __( 'Search Results for: %s', 'twentyfourteen' ), esc_html( get_search_query( false ) ) );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentynineteen/search.php

r47122	r61427
21	21	<h1 class="page-title">
22	22	<?php _e( 'Search results for: ', 'twentynineteen' ); ?>
23		<span class="page-description"><?php echo ~~get_search_query(~~); ?></span>
	23	<span class="page-description"><?php echo esc_html( get_search_query( false ) ); ?></span>
24	24	</h1>
25	25	</header><!-- .page-header -->

trunk/src/wp-content/themes/twentyseventeen/search.php

r55422	r61427
20	20	<?php
21	21	/* translators: Search query. */
22		printf( __( 'Search Results for: %s', 'twentyseventeen' ), '<span>' . ~~get_search_query(~~) . '</span>' );
	22	printf( __( 'Search Results for: %s', 'twentyseventeen' ), '<span>' . esc_html( get_search_query( false ) ) . '</span>' );
23	23	?>
24	24	</h1>

trunk/src/wp-content/themes/twentysixteen/search.php

r55276	r61427
19	19	<?php
20	20	/* translators: %s: The search query. */
21		printf( __( 'Search Results for: %s', 'twentysixteen' ), '<span>' . esc_html( get_search_query() ) . '</span>' );
	21	printf( __( 'Search Results for: %s', 'twentysixteen' ), '<span>' . esc_html( get_search_query( false ) ) . '</span>' );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentyten/search.php

r45932	r61427
17	17	<?php
18	18	/* translators: %s: Search query. */
19		printf( __( 'Search Results for: %s', 'twentyten' ), '<span>' . ~~get_search_query(~~) . '</span>' );
	19	printf( __( 'Search Results for: %s', 'twentyten' ), '<span>' . esc_html( get_search_query( false ) ) . '</span>' );
20	20	?>
21	21	</h1>

trunk/src/wp-content/themes/twentythirteen/search.php

r47122	r61427
19	19	<?php
20	20	/* translators: %s: Search query. */
21		printf( __( 'Search Results for: %s', 'twentythirteen' ), ~~get_search_query(~~) );
	21	printf( __( 'Search Results for: %s', 'twentythirteen' ), esc_html( get_search_query( false ) ) );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentytwelve/search.php

r47122	r61427
19	19	<?php
20	20	/* translators: %s: Search query. */
21		printf( __( 'Search Results for: %s', 'twentytwelve' ), '<span>' . ~~get_search_query(~~) . '</span>' );
	21	printf( __( 'Search Results for: %s', 'twentytwelve' ), '<span>' . esc_html( get_search_query( false ) ) . '</span>' );
22	22	?>
23	23	</h1>

trunk/src/wp-content/themes/twentytwenty/index.php

-                      r56549
+                      r61427
         $archive_title = sprintf(
             '%1$s %2$s',
+            '%1$s &ldquo;%2$s&rdquo;',
             '<span class="color-accent">' . __( 'Search:', 'twentytwenty' ) . '</span>',
             '&ldquo;' . get_search_query() . '&rdquo;'
+            esc_html( get_search_query( false ) )
         );

trunk/src/wp-content/themes/twentytwentyone/search.php

r50233	r61427
20	20	/* translators: %s: Search term. */
21	21	esc_html__( 'Results for "%s"', 'twentytwentyone' ),
22		'<span class="page-description search-term">' . esc_html( get_search_query() ) . '</span>'
	22	'<span class="page-description search-term">' . esc_html( get_search_query( false ) ) . '</span>'
23	23	);
24	24	?>

trunk/src/wp-content/themes/twentytwentyone/template-parts/content/content-none.php

r50234	r61427
21	21	/* translators: %s: Search term. */
22	22	esc_html__( 'Results for "%s"', 'twentytwentyone' ),
23		'<span class="page-description search-term">' . esc_html( get_search_query() ) . '</span>'
	23	'<span class="page-description search-term">' . esc_html( get_search_query( false ) ) . '</span>'
24	24	);
25	25	?>

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core