Wordpress 3.6

[autoinstalls/wordpress.git] / wp-admin / network / sites.php

diff --git a/wp-admin/network/sites.php b/wp-admin/network/sites.php
index e9b314da1d8891aa0f036a48c1a3c7cf9382a182..93341c35e97eeeae6e22dc9c36711996a0ee0d41 100644 (file)
--- a/wp-admin/network/sites.php
+++ b/wp-admin/network/sites.php
@@ -73,13 +73,13 @@ if ( isset( $_GET['action'] ) ) {
                                ?>
                        </head>
                        <body class="wp-core-ui">
-                               <h1 id="logo"><a href="<?php esc_attr_e( 'http://wordpress.org/' ); ?>"><?php _e( 'WordPress' ); ?></a></h1>
+                               <h1 id="logo"><a href="<?php echo esc_url( __( 'http://wordpress.org/' ) ); ?>"><?php _e( 'WordPress' ); ?></a></h1>
                                <form action="sites.php?action=<?php echo esc_attr( $_GET['action2'] ) ?>" method="post">
                                        <input type="hidden" name="action" value="<?php echo esc_attr( $_GET['action2'] ) ?>" />
                                        <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
                                        <input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" />
                                        <?php wp_nonce_field( $_GET['action2'], '_wpnonce', false ); ?>
-                                       <p><?php echo esc_html( stripslashes( $_GET['msg'] ) ); ?></p>
+                                       <p><?php echo esc_html( wp_unslash( $_GET['msg'] ) ); ?></p>
                                        <?php submit_button( __('Confirm'), 'button' ); ?>
                                </form>
                        </body>