Add a prophylactic specialchars to the object in explain nonce. see #5838

git-svn-id: http://svn.automattic.com/wordpress/trunk@6817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-02-13 18:14:38 +00:00
parent f77f58e7cb
commit 0ac5af1f6e

View File

@ -1256,7 +1256,7 @@ function wp_explain_nonce( $action ) {
$object = $matches[4];
if ( 'use_id' != $lookup )
$object = call_user_func( $lookup, $object );
return sprintf( $trans[$verb][$noun][0], $object );
return sprintf( $trans[$verb][$noun][0], wp_specialchars($object) );
} else {
return $trans[$verb][$noun][0];
}