Wordpress 2.0.4

[autoinstalls/wordpress.git] / wp-includes / wp-db.php

diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php
index 97238c39792b3f360ca85487e471ac0685d6169c..8a4ebaa64e18bd8ca3b2dc9940a282ad1d8b1370 100644 (file)
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@@ -93,12 +93,14 @@ class wpdb {
                $EZSQL_ERROR[] = 
                array ('query' => $this->last_query, 'error_str' => $str);
 
+               $str = htmlspecialchars($str, ENT_QUOTES);
+               $query = htmlspecialchars($this->last_query, ENT_QUOTES);
                // Is error output turned on or not..
                if ( $this->show_errors ) {
                        // If there is an error then take note of it
                        print "<div id='error'>
                        <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
-                       <code>$this->last_query</code></p>
+                       <code>$query</code></p>
                        </div>";
                } else {
                        return false;