IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Axing htmlspecialchars because it double-encodes-encodes. Better error handling around queries.

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@1940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
saxmatt
2004-12-12 20:41:19 +00:00
parent 06bacff67d
commit c3e1d51c20
35 changed files with 199 additions and 202 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wp-admin/options.php
View File

@@ -48,7 +48,7 @@ case 'update':
// should we even bother checking?
if ($user_level >= $option->option_admin_level) {
$old_val = $option->option_value;
$new_val = $_POST[$option->option_name];
$new_val = wp_specialchars($_POST[$option->option_name]);
if (!$new_val) {
if (3 == $option->option_type)
$new_val = '';
@@ -88,7 +88,7 @@ default:
$options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
foreach ($options as $option) :
$value = htmlspecialchars($option->option_value);
$value = wp_specialchars($option->option_value);
echo "
<tr>
<th scope='row'><label for='$option->option_name'>$option->option_name</label></th>