Ticket #5901: get_user_option-sanitization.diff

File get_user_option-sanitization.diff, 382 bytes (added by filosofo, 4 years ago)

  • wp-includes/user.php

     
    8282function get_user_option( $option, $user = 0 ) { 
    8383        global $wpdb; 
    8484 
     85        $option = preg_replace('|[^a-z0-9_]|i', '', $option); 
    8586        if ( empty($user) ) 
    8687                $user = wp_get_current_user(); 
    8788        else