Ticket #10874: esc_html.diff
File esc_html.diff, 2.1 KB (added by , 15 years ago) |
---|
-
wp-includes/wp-db.php
607 607 if ( !$this->show_errors ) 608 608 return false; 609 609 610 $str = htmlspecialchars($str, ENT_QUOTES);611 $query = htmlspecialchars($this->last_query, ENT_QUOTES);610 $str = esc_html($str); 611 $query = esc_html($this->last_query); 612 612 613 613 // If there is an error then take note of it 614 614 print "<div id='error'> -
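Review bot: Calling `esc_html()` from the database error path in wp-includes/wp-db.php makes error printing depend on the formatting and filter code being loaded, which the visible lines do not establish. `esc_html()` is defined outside wp-db.php and runs filters, and as far as I know its UTF-8 check may read the blog charset option, which could mean another query while a query error is being reported. `htmlspecialchars($str, ENT_QUOTES)` has no such dependency, so I would keep it here or fall back to it, e.g. `$str = function_exists('esc_html') ? esc_html($str) : htmlspecialchars($str, ENT_QUOTES);`, and the same for `$query`. The enclosing function starts and ends outside the hunk.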
wp-admin/includes/template.php
2141 2141 comment_text(); 2142 2142 if ( $user_can ) { ?> 2143 2143 <div id="inline-<?php echo $comment->comment_ID; ?>" class="hidden"> 2144 <textarea class="comment" rows="1" cols="1"><?php echo htmlspecialchars( apply_filters('comment_edit_pre', $comment->comment_content), ENT_QUOTES); ?></textarea>2144 <textarea class="comment" rows="1" cols="1"><?php echo esc_html( apply_filters('comment_edit_pre', $comment->comment_content) ); ?></textarea> 2145 2145 <div class="author-email"><?php echo esc_attr( $comment->comment_author_email ); ?></div> 2146 2146 <div class="author"><?php echo esc_attr( $comment->comment_author ); ?></div> 2147 2147 <div class="author-url"><?php echo esc_attr( $comment->comment_author_url ); ?></div> -
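Review bot: In the `<textarea class="comment">` line, replacing `htmlspecialchars(..., ENT_QUOTES)` with `esc_html()` is not equivalent for editable content, because `esc_html()` leaves existing entities alone while `htmlspecialchars()` encodes their ampersand. A comment stored with a literal `&lt;` would then show in the edit box as `<` and be saved back as markup, so text that was escaped on purpose can become live HTML after an edit. The same applies to the title input in wp-admin/edit-page-form.php, where the inner `htmlspecialchars()` is dropped and `esc_attr()` alone does not re-encode entities either, unless the title is already encoded upstream, which the hunk does not show. I would keep the double-encoding call for both form fields, or use `esc_textarea()` for the textarea if this tree has it.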
wp-admin/edit-page-form.php
120 120 <div id="titlediv"> 121 121 <div id="titlewrap"> 122 122 <label class="screen-reader-text" for="title"><?php _e('Title') ?></label> 123 <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo esc_attr( htmlspecialchars( $post->post_title )); ?>" id="title" autocomplete="off" />123 <input type="text" name="post_title" size="30" tabindex="1" value="<?php echo esc_attr( $post->post_title ); ?>" id="title" autocomplete="off" /> 124 124 </div> 125 125 <div class="inside"> 126 126 <?php $sample_permalink_html = get_sample_permalink_html($post->ID); ?>