X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/54fb5972b908f9c2b16cd82cee580bcf61565873..0f29eadd474473203a1182f52af1aa82721cecbd:/wp-admin/edit-page-form.php?ds=sidebyside
diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php
index c9b7ef5b..b0e603e0 100644
--- a/wp-admin/edit-page-form.php
+++ b/wp-admin/edit-page-form.php
@@ -9,16 +9,19 @@ if (0 == $post_ID) {
$temp_ID = -1 * time();
$form_extra = "";
} else {
+ $post_ID = (int) $post_ID;
$form_action = 'editpost';
$nonce_action = 'update-post_' . $post_ID;
$form_extra = "";
}
-$sendto = wp_get_referer();
+$temp_ID = (int) $temp_ID;
+$user_ID = (int) $user_ID;
+
+$sendto = attribute_escape(wp_get_referer());
if ( 0 != $post_ID && $sendto == get_permalink($post_ID) )
$sendto = 'redo';
-$sendto = wp_specialchars( $sendto );
?>
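Review bot: `$sendto` is now entity-encoded by `attribute_escape()` before the `$sendto == get_permalink($post_ID)` test, so an escaped string is compared with a raw URL. Any permalink containing `&` or a quote will stop matching and `$sendto` will never become `'redo'`. Compare the raw value and escape only once the value is final: keep `$sendto = wp_get_referer();` before the `if`, and put `$sendto = attribute_escape( $sendto );` after it, so the referer is still never printed unescaped. Separately, `$temp_ID = (int) $temp_ID;` runs on both paths, but in the visible lines `$temp_ID` is assigned only when `$post_ID` is 0, so on the edit path this casts an undefined variable unless it is set outside the hunk. The `if (0 == $post_ID)` block opens above the hunk, and the hunk header's line counts suggest some lines are missing from this view.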
@@ -61,7 +64,7 @@ addLoadEvent(focusit);