Axing htmlspecialchars because it double-encodes-encodes. Better error handling around queries.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
saxmatt
2004-12-12 20:41:19 +00:00
parent 06bacff67d
commit c3e1d51c20
35 changed files with 199 additions and 202 deletions


@@ -6,7 +6,7 @@ $parent_file = 'edit.php';
require_once('admin-header.php');
if (empty($_GET['mode'])) $mode = 'view';
else $mode = htmlspecialchars($_GET['mode']);
else $mode = wp_specialchars($_GET['mode'], 1);
?>
<script type="text/javascript">
@@ -29,7 +29,7 @@ function checkAll(form)
<form name="searchform" action="" method="get">
<fieldset>
<legend><?php _e('Show Comments That Contain...') ?></legend>
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo htmlspecialchars($_GET['s']); ?>" size="17" />
<input type="text" name="s" value="<?php if (isset($_GET['s'])) echo wp_specialchars($_GET['s'], 1); ?>" size="17" />
<input type="submit" name="submit" value="<?php _e('Search') ?>" />
<input type="hidden" name="mode" value="<?php echo $mode; ?>" />
<?php _e('(Searches within comment text, e-mail, URI, and IP address.)') ?>
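Review bot: `$mode` is escaped once at assignment (`else $mode = wp_specialchars($_GET['mode'], 1);`) and then echoed bare into the hidden `mode` field in the second hunk, so the safety of that `echo $mode` rests on a line far above it, and any non-HTML use of `$mode` elsewhere in the file sees the encoded form. Only `'view'` is visible as a value here, so the file presumably compares `$mode` against a small fixed set; if so, an allowlist is stricter than escaping, e.g. `$mode = in_array($_GET['mode'], $known_modes) ? $_GET['mode'] : 'view';`, where `$known_modes` is a placeholder for the file's actual list. At minimum, add a comment such as `// second argument 1 also encodes quotes; required because the value lands inside value="..."` so the quote flag is not dropped in a later cleanup. It is also worth confirming how the `s` field round-trips: if wp_specialchars leaves existing entities alone, as the commit message suggests, a search term typed as `&lt;` would presumably be shown back as `<`. Both hunks start and end outside any function visible here.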