X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/6c8f14c09105d0afa4c1574215c59b5021040e76..c55863f11e8589bf8d4a5698bf15752406654f1c:/wp-admin/press-this.php diff --git a/wp-admin/press-this.php b/wp-admin/press-this.php index 6542fa31..5e9e2596 100644 --- a/wp-admin/press-this.php +++ b/wp-admin/press-this.php @@ -9,7 +9,7 @@ define('IFRAME_REQUEST' , true); /** WordPress Administration Bootstrap */ -require_once('./admin.php'); +require_once( dirname( __FILE__ ) . '/admin.php' ); header('Content-Type: ' . get_option('html_type') . '; charset=' . get_option('blog_charset')); @@ -91,11 +91,11 @@ if ( isset($_REQUEST['action']) && 'post' == $_REQUEST['action'] ) { } // Set Variables -$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( stripslashes( $_GET['t'] ) , ENT_QUOTES) ) ) : ''; +$title = isset( $_GET['t'] ) ? trim( strip_tags( html_entity_decode( wp_unslash( $_GET['t'] ) , ENT_QUOTES) ) ) : ''; $selection = ''; if ( !empty($_GET['s']) ) { - $selection = str_replace(''', "'", stripslashes($_GET['s'])); + $selection = str_replace(''', "'", wp_unslash($_GET['s'])); $selection = trim( htmlspecialchars( html_entity_decode($selection, ENT_QUOTES) ) ); } @@ -303,16 +303,19 @@ die;
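Review bot: In the `@@ -91,11 +91,11 @@` hunk, neither `$_GET['t']` nor `$_GET['s']` is checked to be a string before the decode chain. `wp_unslash()` passes arrays through instead of rejecting them, so an array-valued query parameter reaches `html_entity_decode()` (via `str_replace()` for `s`) as an array and ends in a PHP warning or, on newer PHP versions, a TypeError. Adding `&& is_string( $_GET['t'] )` to the `isset()` test and `&& is_string( $_GET['s'] )` to the `!empty()` test would make both reads fall back to the empty string. Separately, `strip_tags()` on `$title` filters input but is not output escaping, and `$title` is tag-stripped only whereas `$selection` goes through `htmlspecialchars()`. The places where `$title` is printed are outside this hunk, so it is worth confirming they escape for their context.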