WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use ENT_QUOTES in esc_textarea() in case someone uses it in a value='' situation by accident. see #15454 

git-svn-id: http://svn.automattic.com/wordpress/trunk@16993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
markjaquith 2010-12-16 09:24:22 +00:00
parent a189f21c45
commit 49c11dc768
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/formatting.php
View File

@ -2368,7 +2368,7 @@ function esc_attr( $text ) {
* @return string * @return string
*/ */
function esc_textarea( $text ) { function esc_textarea( $text ) {
$safe_text = htmlspecialchars( $text ); $safe_text = htmlspecialchars( $text, ENT_QUOTES );
return apply_filters( 'esc_textarea', $safe_text, $text ); return apply_filters( 'esc_textarea', $safe_text, $text );
} }