deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 15:11:07 +00:00
parent e2802f7f3b
commit 119b39cec2
68 changed files with 210 additions and 151 deletions
--- a/wp-admin/plugin-editor.php
+++ b/wp-admin/plugin-editor.php
@@ -135,7 +135,7 @@ default:
 <?php endif; ?>
 <div class="wrap">
 <?php screen_icon(); ?>
-<h2><?php echo wp_specialchars( $title ); ?></h2>
+<h2><?php echo esc_html( $title ); ?></h2>
 <div class="bordertitle">
 	<form id="themeselector" action="plugin-editor.php" method="post">
 		<strong><label for="plugin"><?php _e('Select plugin to edit:'); ?> </label></strong>