diff options
Diffstat (limited to 'wp-includes/wp-db.php')
| -rw-r--r-- | wp-includes/wp-db.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php index 37f361a..03b3bc0 100644 --- a/wp-includes/wp-db.php +++ b/wp-includes/wp-db.php @@ -100,12 +100,14 @@ class wpdb { $EZSQL_ERROR[] = array ('query' => $this->last_query, 'error_str' => $str); + $str = htmlspecialchars($str, ENT_QUOTES); + $query = htmlspecialchars($this->last_query, ENT_QUOTES); // Is error output turned on or not.. if ( $this->show_errors ) { // If there is an error then take note of it print "<div id='error'> <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br /> - <code>$this->last_query</code></p> + <code>$query</code></p> </div>"; } else { return false; |