[wp-trac] [WordPress Trac] #10874: Use esc_html() instead of htmlspecialchars() when appropriate
WordPress Trac
wp-trac at lists.automattic.com
Tue Sep 29 20:17:29 UTC 2009
#10874: Use esc_html() instead of htmlspecialchars() when appropriate
-------------------------+--------------------------------------------------
Reporter: scribu | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 2.9
Component: General | Version: 2.9
Severity: normal | Keywords: has-patch needs-testing
-------------------------+--------------------------------------------------
Comment(by azaozz):
esc_html() is a display filter, main difference from htmlspecialchars() is
that it doesn't double-encode some html entities and always encodes all
quotes. However when loading text to edit double-encoding is usually
needed.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10874#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list