Changeset 2385 for trunk/wp-admin/theme-editor.php

Timestamp:

02/26/2005 06:38:18 AM (20 years ago)

Author:

ryan

Message:

Strip slashes from theme name. Encode special chars in theme name. ​http://mosquito.wordpress.org/view.php?id=978 and ​http://mosquito.wordpress.org/view.php?id=953

File:

• trunk/wp-admin/theme-editor.php (modified) (2 diffs)

trunk/wp-admin/theme-editor.php

@@ -25 +25 @@
 if (empty($theme)) {
     $theme = get_current_theme();
+} else {
+    $theme = stripslashes($theme);
 }
 
@@ -90 +92 @@
         if ($theme_name == $theme) $selected = " selected='selected'";
         else $selected = '';
-        echo "\n\t<option value='$theme_name' $selected>$theme_name</option>";
+        $theme_name = wp_specialchars($theme_name, true);
+        echo "\n\t<option value=\"$theme_name\" $selected>$theme_name</option>";
     }
 ?>