From df299289feccf4d894b94cfa7c2a5f5a76c336b8 Mon Sep 17 00:00:00 2001
From: Ryan Boren
Date: Mon, 18 Jun 2007 00:18:18 +0000
Subject: [PATCH] escape before extracting. Props Alexander Concha.
git-svn-id: https://develop.svn.wordpress.org/trunk@5721 602fd350-edb4-49c9-b593-d223f7449a82
---
 xmlrpc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xmlrpc.php b/xmlrpc.php
index ad30a7c01d..51dfc64139 100644
--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -845,7 +845,7 @@ class wp_xmlrpc_server extends IXR_Server {
 if ( !current_user_can('edit_post', $post_ID) ) return new IXR_Error(401, __('Sorry, you do not have the right to edit this post.'));
- extract($actual_post);
+ extract($actual_post, EXTR_SKIP);
 if ( ('publish' == $post_status) && !current_user_can('publish_posts') ) return new IXR_Error(401, __('Sorry, you do not have the right to publish this post.'));
@@ -1121,8 +1121,8 @@ class wp_xmlrpc_server extends IXR_Server {
 return(new IXR_Error(404, __("Invalid post id.")));
 }
- extract($postdata);
 $this->escape($postdata);
+ extract($postdata, EXTR_SKIP);
 // Let WordPress manage slug if none was provided.
 $post_name = "";
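Review bot: With `EXTR_SKIP`, the `$post_status` read by the publish capability check right after `extract($actual_post, EXTR_SKIP)` comes from the stored post only if no variable of that name already exists in the function; if one does, the earlier value silently wins and decides the authorization branch. The function starts outside the hunk, so I cannot confirm which locals are already set, nor whether `$actual_post` has been passed through `$this->escape()` before this point, as the second hunk now does for `$postdata`. Assuming `$post_status` is meant to come from the stored post, reading it explicitly with `$post_status = $actual_post['post_status'];` would make the source of the value visible and remove the dependence on extract flags. The same concern applies to `extract($postdata, EXTR_SKIP)` in the second hunk.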
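Review bot: The order of `$this->escape($postdata)` and `extract($postdata, EXTR_SKIP)` in the second hunk is now load-bearing, but nothing in the code says so, and an unmarked ordering like this is easy to reverse again in a later edit. I would add a comment above the two lines, for example `// escape() must run before extract(): the extracted locals are copies and are not escaped afterwards`. The enclosing method starts and ends outside the hunk, so where the extracted values are consumed is not visible here.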