From a9ad6f372ff668a8bd593f48069e09c9e361e891 Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@git.wordpress.org>
Date: Sun, 18 Mar 2007 23:04:22 +0000
Subject: [PATCH] escape pagenow.  Props xknown. fixes #3988 for trunk

git-svn-id: https://develop.svn.wordpress.org/trunk@5059 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/admin-header.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wp-admin/admin-header.php b/wp-admin/admin-header.php
index 34f6d7d4ec..9f6402b66a 100644
--- a/wp-admin/admin-header.php
+++ b/wp-admin/admin-header.php
@@ -2,7 +2,7 @@
 @header('Content-type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset'));
 if (!isset($_GET["page"])) require_once('admin.php');
 if ( $editing ) {
-	wp_enqueue_script( array("dbx-admin-key?pagenow=$pagenow",'admin-custom-fields') );
+	wp_enqueue_script( array('dbx-admin-key?pagenow=' . attribute_escape($pagenow),'admin-custom-fields') );
 	if ( current_user_can('manage_categories') )
 		wp_enqueue_script( 'ajaxcat' );
 	if ( user_can_richedit() )