Changeset 1299345
- Timestamp:
- 12/02/2015 10:15:31 PM (10 years ago)
- Location:
- admin-pages/trunk
- Files:
-
- 2 edited
-
bw-admin-pages.php (modified) (2 diffs)
-
inc/add_pages.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
admin-pages/trunk/bw-admin-pages.php
r1298680 r1299345 89 89 $bwadminpages_id = esc_sql($_POST['bwadminpages_edit_page_id']); 90 90 $bwadminpages_page_title = esc_sql($_POST['bwadminpages_page_title']); 91 $bwadminpages_page_content = esc_sql( $_POST['bwadminpages_page_content']);91 $bwadminpages_page_content = esc_sql(htmlspecialchars($_POST['bwadminpages_page_content'])); 92 92 $bwadminpages_menu_position = esc_sql($_POST['bwadminpages_menu_position']); 93 93 $bwadminpages_menu_icon = esc_sql($_POST['bwadminpages_menu_icon']); … … 117 117 118 118 if( $hidden_field == 'Y' ) { 119 $bwadminpages_id = e cs_sql($_POST['bwadminpages_delete_page_id']);119 $bwadminpages_id = esc_sql($_POST['bwadminpages_delete_page_id']); 120 120 121 121 $table_name = $wpdb->prefix . 'bwadminpages'; -
admin-pages/trunk/inc/add_pages.php
r1298725 r1299345 29 29 } 30 30 echo '<div class=\"wrap\">'; 31 echo do_shortcode('". $page_content."');31 echo do_shortcode('".htmlspecialchars_decode(nl2br($page_content))."'); 32 32 echo '</div>'; 33 33 }"
Note: See TracChangeset
for help on using the changeset viewer.