From 24d5a6bddd4e1d911488adbbad012157684bca4c Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Sat, 4 Sep 2004 08:03:20 +0000
Subject: [PATCH] Escape content and title before inserting into the DB. 
 http://wordpress.org/support/2/12153

git-svn-id: https://develop.svn.wordpress.org/trunk@1590 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/import-textpattern.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wp-admin/import-textpattern.php b/wp-admin/import-textpattern.php
index 9090b49f2e..539d7294dd 100644
--- a/wp-admin/import-textpattern.php
+++ b/wp-admin/import-textpattern.php
@@ -97,8 +97,8 @@ while ($post = mysql_fetch_array($posts)) {
 	$timestamp = mktime($hour, $minute, $second, $month, $day, $year);
 	$posted = date('Y-m-d H:i:s', $timestamp);
 	
-	$content = $post['Body_html'];
-	$title = $post['Title'];
+	$content = addslashes($post['Body_html']);
+	$title = addslashes($post['Title']);
 	$post_name = sanitize_title($title);
 
 	$wpdb->query("INSERT INTO $wpdb->posts