Changeset 3974

Show
Ignore:
Timestamp:
07/05/06 09:55:24 (3 years ago)
Author:
ryan
Message:

wp_specialchars() within wp_nonce_url(). Props Nazgul. fixes #2857

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/wp-includes/functions.php

    r3960 r3974  
    807807 
    808808function wp_nonce_url($actionurl, $action = -1) { 
    809     return add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl); 
     809    return wp_specialchars(add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl)); 
    810810} 
    811811