Escape special characters when outputting DB failures. see #13839.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2012-04-16 21:55:47 +00:00
parent 456206c741
commit 9501ff721d
1 changed files with 2 additions and 2 deletions

View File

@ -754,7 +754,7 @@ class wpdb {
<li>Does the user <code>%2$s</code> have permission to use the <code>%1$s</code> database?</li> <li>Does the user <code>%2$s</code> have permission to use the <code>%1$s</code> database?</li>
<li>On some systems the name of your database is prefixed with your username, so it would be like <code>username_%1$s</code>. Could that be the problem?</li> <li>On some systems the name of your database is prefixed with your username, so it would be like <code>username_%1$s</code>. Could that be the problem?</li>
</ul> </ul>
<p>If you don\'t know how to set up a database you should <strong>contact your host</strong>. If all else fails you may find help at the <a href="http://wordpress.org/support/">WordPress Support Forums</a>.</p>' ), $db, $this->dbuser ), 'db_select_fail' ); <p>If you don\'t know how to set up a database you should <strong>contact your host</strong>. If all else fails you may find help at the <a href="http://wordpress.org/support/">WordPress Support Forums</a>.</p>' ), htmlspecialchars( $db, ENT_QUOTES ), htmlspecialchars( $this->dbuser, ENT_QUOTES ) ), 'db_select_fail' );
return; return;
} }
} }
@ -1051,7 +1051,7 @@ class wpdb {
<li>Are you sure that the database server is running?</li> <li>Are you sure that the database server is running?</li>
</ul> </ul>
<p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p> <p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>
" ), $this->dbhost ), 'db_connect_fail' ); " ), htmlspecialchars( $this->dbhost, ENT_QUOTES ) ), 'db_connect_fail' );
return; return;
} }