$EZSQL_ERROR[] =
array ('query' => $this->last_query, 'error_str' => $str);
+ $str = htmlspecialchars($str, ENT_QUOTES);
+ $query = htmlspecialchars($this->last_query, ENT_QUOTES);
// Is error output turned on or not..
if ( $this->show_errors ) {
// If there is an error then take note of it
print "<div id='error'>
<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
- <code>$this->last_query</code></p>
+ <code>$query</code></p>
</div>";
} else {
return false;