sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More attribute_escape(). 

git-svn-id: https://develop.svn.wordpress.org/trunk@5044 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2007-03-16 01:20:53 +00:00
parent 096395f366
commit d2aba83689
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/functions.php
View File

@ -1280,7 +1280,7 @@ function wp_nonce_ays($action) {
if ( $_POST ) { if ( $_POST ) {
$q = http_build_query($_POST); $q = http_build_query($_POST);
$q = explode( ini_get('arg_separator.output'), $q); $q = explode( ini_get('arg_separator.output'), $q);
$html .= "\t<form method='post' action='$pagenow'>\n"; $html .= "\t<form method='post' action='" . attribute_escape($pagenow) . "'>\n";
foreach ( (array) $q as $a ) { foreach ( (array) $q as $a ) {
$v = substr(strstr($a, '='), 1); $v = substr(strstr($a, '='), 1);
$k = substr($a, 0, -(strlen($v)+1)); $k = substr($a, 0, -(strlen($v)+1));