Make WordPress Core


Ignore:
Timestamp:
05/18/2009 03:11:07 PM (15 years ago)
Author:
markjaquith
Message:

deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/admin-header.php

    r11280 r11380  
    1111
    1212get_admin_page_title();
    13 $title = wp_specialchars( strip_tags( $title ) );
     13$title = esc_html( strip_tags( $title ) );
    1414wp_user_settings();
    1515wp_menu_unfold();
Note: See TracChangeset for help on using the changeset viewer.