Changeset 11380 for trunk/wp-admin/options-permalink.php

Timestamp:

05/18/2009 03:11:07 PM (16 years ago)

Author:

markjaquith

Message:

deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.

File:

• trunk/wp-admin/options-permalink.php (modified) (3 diffs)

trunk/wp-admin/options-permalink.php

@@ -143 +143 @@
 <div class="wrap">
 <?php screen_icon(); ?>
-<h2><?php echo wp_specialchars( $title ); ?></h2>
+<h2><?php echo esc_html( $title ); ?></h2>
 
 <form name="form" action="options-permalink.php" method="post">
@@ -227 +227 @@
 <form action="options-permalink.php" method="post">
 <?php wp_nonce_field('update-permalink') ?>
-    <p><textarea rows="10" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo wp_specialchars($wp_rewrite->iis7_url_rewrite_rules()); ?></textarea></p>
+    <p><textarea rows="10" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo esc_html($wp_rewrite->iis7_url_rewrite_rules()); ?></textarea></p>
 </form>
 <p><?php _e('If you temporarily make your <code>web.config</code> file writable for us to generate rewrite rules automatically, do not forget to revert the permissions after rule has been saved.')  ?></p>  
@@ -236 +236 @@
 <form action="options-permalink.php" method="post">
 <?php wp_nonce_field('update-permalink') ?>
-    <p><textarea rows="6" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo wp_specialchars($wp_rewrite->mod_rewrite_rules()); ?></textarea></p>
+    <p><textarea rows="6" class="large-text readonly" name="rules" id="rules" readonly="readonly"><?php echo esc_html($wp_rewrite->mod_rewrite_rules()); ?></textarea></p>
 </form>
     <?php endif; ?>