Make WordPress Core


Ignore:
Timestamp:
05/18/2009 03:11:07 PM (16 years ago)
Author:
markjaquith
Message:

deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/revision.php

    r8732 r11380  
    178178
    179179    <tr id="revision-field-<?php echo $field; ?>">
    180         <th scope="row"><?php echo wp_specialchars( $field_title ); ?></th>
     180        <th scope="row"><?php echo esc_html( $field_title ); ?></th>
    181181        <td><div class="pre"><?php echo $content; ?></div></td>
    182182    </tr>
Note: See TracChangeset for help on using the changeset viewer.