WordPress.org

Make WordPress Core


Ignore:
Timestamp:
12/27/2007 08:27:58 AM (14 years ago)
Author:
ryan
Message:

Add some sanitization

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.3/wp-mail.php

    r6487 r6502  
    162162    do_action('publish_phone', $post_ID);
    163163
    164     echo "\n<p><b>Author:</b> $post_author</p>";
    165     echo "\n<p><b>Posted title:</b> $post_title<br />";
    166     echo "\n<b>Posted content:</b><br /><pre>".$content.'</pre></p>';
     164    echo "\n<p><b>Author:</b> " . wp_specialchars($post_author) . "</p>";
     165    echo "\n<p><b>Posted title:</b> " . sanitize_post_field('post_title', $post_title, $post_ID, 'display') . "<br />";
     166    echo "\n<b>Posted content:</b><br /><pre>". sanitize_post_field('post_content', $post_content, $post_ID, 'display') . '</pre></p>';
    167167
    168168    if(!$pop3->delete($i)) {
Note: See TracChangeset for help on using the changeset viewer.