Ticket #7197: no_magic_quotes_on_passwords.patch
| File no_magic_quotes_on_passwords.patch, 1.9 KB (added by mystyman, 3 years ago) |
|---|
-
wp-includes/functions.php
1325 1325 * @param array $array Array to used to walk while sanitizing contents. 1326 1326 * @return array Sanitized $array. 1327 1327 */ 1328 function add_magic_quotes( $array ) {1328 function add_magic_quotes( $array, $donottouch=array() ) { 1329 1329 global $wpdb; 1330 1331 1330 foreach ( (array) $array as $k => $v ) { 1332 1331 if ( is_array( $v ) ) { 1333 1332 $array[$k] = add_magic_quotes( $v ); 1334 } else {1333 } elseif ( !in_array($k, $donottouch) ) { 1335 1334 $array[$k] = $wpdb->escape( $v ); 1336 1335 } 1337 1336 } -
wp-settings.php
582 582 583 583 // Escape with wpdb. 584 584 $_GET = add_magic_quotes($_GET ); 585 $_POST = add_magic_quotes($_POST 585 $_POST = add_magic_quotes($_POST, $donottouch=array('pwd','pass1','pass2') ); 586 586 $_COOKIE = add_magic_quotes($_COOKIE); 587 587 $_SERVER = add_magic_quotes($_SERVER); 588 588 -
wp-admin/includes/user.php
148 148 $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter your password twice.' ), array( 'form-field' => 'pass2' ) ); 149 149 } 150 150 151 /* Check for "\" in password */152 if( strpos( " ".$pass1, "\\" ) )153 $errors->add( 'pass', __( '<strong>ERROR</strong>: Passwords may not contain the character "\\".' ), array( 'form-field' => 'pass1' ) );154 155 151 /* checking the password has been typed twice the same */ 156 152 if ( $pass1 != $pass2 ) 157 153 $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' ), array( 'form-field' => 'pass1' ) );
