From 97355f28fdd4a1d9b9fc838675cded1940b7a577 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Mon, 17 Apr 2006 23:33:08 +0000
Subject: [PATCH] Escape single quotes in options.php. fixes #2656

git-svn-id: http://svn.automattic.com/wordpress/trunk@3710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/options.php                 | 2 +-
 wp-includes/functions-formatting.php | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/wp-admin/options.php b/wp-admin/options.php
index 5e479e45d..9b44a7c0a 100644
--- a/wp-admin/options.php
+++ b/wp-admin/options.php
@@ -95,7 +95,7 @@ default:
 $options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
 
 foreach ($options as $option) :
-	$value = wp_specialchars($option->option_value);
+	$value = wp_specialchars($option->option_value, 'single');
 	echo "
 <tr>
 	<th scope='row'><label for='$option->option_name'>$option->option_name</label></th>
diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index 7480deeb6..63731a5b0 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -103,6 +103,8 @@ function wp_specialchars( $text, $quotes = 0 ) {
 	$text = str_replace('>', '&gt;', $text);
 	if ( 'double' === $quotes ) {
 		$text = str_replace('"', '&quot;', $text);
+	} elseif ( 'single' === $quotes ) {
+		$text = str_replace("'", '&#039;', $text);
 	} elseif ( $quotes ) {
 		$text = str_replace('"', '&quot;', $text);
 		$text = str_replace("'", '&#039;', $text);