deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
@@ -135,7 +135,7 @@ default:
|
||||
<?php endif; ?>
|
||||
<div class="wrap">
|
||||
<?php screen_icon(); ?>
|
||||
<h2><?php echo wp_specialchars( $title ); ?></h2>
|
||||
<h2><?php echo esc_html( $title ); ?></h2>
|
||||
<div class="bordertitle">
|
||||
<form id="themeselector" action="plugin-editor.php" method="post">
|
||||
<strong><label for="plugin"><?php _e('Select plugin to edit:'); ?> </label></strong>
|
||||
|
||||
Reference in New Issue
Block a user