From 4c7a3a64921dcae36899aab637b0d3465a8bbbef Mon Sep 17 00:00:00 2001
From: nacin
Date: Wed, 2 May 2012 16:29:39 +0000
Subject: [PATCH] Always escape the output of get_pagenum_link(). fixes #14556.

git-svn-id: http://core.svn.wordpress.org/trunk@20685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/link-template.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php
index 04fdd9552..d0d62f22a 100644
--- a/wp-includes/link-template.php
+++ b/wp-includes/link-template.php
@@ -1372,9 +1372,11 @@ function adjacent_post_link($format, $link, $in_same_cat = false, $excluded_cate
 * @since 1.5.0
 *
 * @param int $pagenum Optional. Page ID.
+ * @param bool $escape Optional. Whether to escape the URL for display, with esc_url(). Defaults to true.
+* Otherwise, prepares the URL with esc_url_raw().
 * @return string
 */
-function get_pagenum_link($pagenum = 1) {
+function get_pagenum_link($pagenum = 1, $escape = true ) {
 global $wp_rewrite;
 
 $pagenum = (int) $pagenum;
@@ -1425,7 +1427,10 @@ function get_pagenum_link($pagenum = 1) {
 
 $result = apply_filters('get_pagenum_link', $result);
 
- return $result;
+ if ( $escape )
+ return esc_url( $result );
+ else
+ return esc_url_raw( $result );
 }
 
 /**
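Review bot: Defaulting `$escape` to `true` in the new signature (first hunk, `@@ -1372,9 +1372,11 @@`) changes what every existing caller of get_pagenum_link() receives. esc_url() prepares a URL for HTML display and entity-encodes ampersands, so a caller that passes the result to a redirect, an HTTP request or a string comparison now gets a display-encoded URL unless it is updated to pass `false`. The callers are outside this hunk, so they should be audited, and the docblock should state the contract, for example `Pass false when the URL is used outside HTML output (redirects, requests).`. The added continuation line also begins with `*` instead of ` *`, which breaks the docblock alignment. The function body continues outside the hunk.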
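Review bot: The new `if`/`else` at the end of get_pagenum_link() (second hunk, `@@ -1425,7 +1427,10 @@`) is written without braces, which the WordPress coding standards discourage; `return $escape ? esc_url( $result ) : esc_url_raw( $result );` expresses the same choice in one line. Escaping after `apply_filters('get_pagenum_link', $result)` is the right order, because output from filter callbacks is sanitized too. However, both esc_url() and esc_url_raw() return an empty string when the URL scheme is not allowed, so a callback returning such a URL now silently yields `''`. A comment such as `// Escaped after the filter so callback output is sanitized as well.` would record the intent. The function starts outside the hunk.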