Changeset 5946

Show
Ignore:
Timestamp:
08/26/07 22:13:54 (1 year ago)
Author:
ryan
Message:

Escape parsed fields.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/wp-app.php

    r5910 r5946  
    421421        $post_status = ($publish) ? 'publish' : 'draft'; 
    422422        $post_author = (int) $user->ID; 
    423         $post_title = $entry->title
    424         $post_content = $entry->content
    425         $post_excerpt = $entry->summary
     423        $post_title = $this->escape($entry->title)
     424        $post_content = $this->escape($entry->content)
     425        $post_excerpt = $this->escape($entry->summary)
    426426        $post_date = current_time('mysql'); 
    427427        $post_date_gmt = current_time('mysql', 1); 
     
    479479        extract($entry); 
    480480 
    481         $post_title = $parsed->title
    482         $post_content = $parsed->content
    483         $post_excerpt = $parsed->summary
     481        $post_title = $this->escape($parsed->title)
     482        $post_content = $this->escape($parsed->content)
     483        $post_excerpt = $this->escape($parsed->summary)
    484484 
    485485        // let's not go backwards and make something draft again. 
     
    620620        extract($entry); 
    621621 
    622         $post_title = $parsed->title
    623         $post_content = $parsed->content
     622        $post_title = $this->escape($parsed->title)
     623        $post_content = $this->escape($parsed->content)
    624624 
    625625        $postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt');