sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use ENT_QUOTES in esc_textarea() in case someone uses it in a value='' situation by accident. see #15454

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@16993 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Mark Jaquith 2010-12-16 09:24:22 +00:00
parent 266cd3f5df
commit dda708677e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/formatting.php
View File

@ -2368,7 +2368,7 @@ function esc_attr( $text ) {
* @return string * @return string
*/ */
function esc_textarea( $text ) { function esc_textarea( $text ) {
$safe_text = htmlspecialchars( $text ); $safe_text = htmlspecialchars( $text, ENT_QUOTES );
return apply_filters( 'esc_textarea', $safe_text, $text ); return apply_filters( 'esc_textarea', $safe_text, $text );
} }