Changeset 13106 for trunk/wp-admin/ms-edit.php
- Timestamp:
- 02/13/2010 10:35:10 AM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/ms-edit.php
r13095 r13106 386 386 reset( $themes ); 387 387 foreach ( (array) $themes as $key => $theme ) { 388 if ( $_POST['theme'][ wp_specialchars( $theme['Stylesheet'] ) ] == 'enabled' )389 $allowed_themes[ wp_specialchars( $theme['Stylesheet'] ) ] = true;388 if ( $_POST['theme'][ esc_html( $theme['Stylesheet'] ) ] == 'enabled' ) 389 $allowed_themes[ esc_html( $theme['Stylesheet'] ) ] = true; 390 390 } 391 391 update_site_option( 'allowedthemes', $allowed_themes ); … … 414 414 <body id="error-page"> 415 415 <h1 id="logo"><img alt="WordPress" src="images/wordpress-logo.png" /></h1> 416 <form action='ms-edit.php?action=<?php echo wp_specialchars( $_GET[ 'action2' ] ) ?>' method='post'>417 <input type='hidden' name='action' value='<?php echo wp_specialchars( $_GET['action2'] ) ?>' />418 <input type='hidden' name='id' value='<?php echo wp_specialchars( $id ); ?>' />416 <form action='ms-edit.php?action=<?php echo esc_attr( $_GET[ 'action2' ] ) ?>' method='post'> 417 <input type='hidden' name='action' value='<?php echo esc_attr( $_GET['action2'] ) ?>' /> 418 <input type='hidden' name='id' value='<?php echo esc_attr( $id ); ?>' /> 419 419 <input type='hidden' name='ref' value='<?php echo $referrer; ?>' /> 420 420 <?php wp_nonce_field( $_GET['action2'] ) ?> 421 <p><?php echo wp_specialchars( stripslashes($_GET['msg']) ); ?></p>421 <p><?php echo esc_html( stripslashes($_GET['msg']) ); ?></p> 422 422 <p class="submit"><input class="button" type='submit' value='<?php _e("Confirm"); ?>' /></p> 423 423 </form> … … 500 500 501 501 $password = wp_generate_password(); 502 $user_id = wpmu_create_user(wp_specialchars( strtolower( $user['username'] ) ), $password, wp_specialchars( $user['email'] ) );502 $user_id = wpmu_create_user(wp_specialchars( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) ); 503 503 504 504 if ( false == $user_id )
Note: See TracChangeset
for help on using the changeset viewer.