Ticket #7197: wp-patch-quotes.diff

File wp-patch-quotes.diff, 1.2 KB (added by sesee, 4 years ago)

  • wp-admin/includes/user.php 

    diff -ruN wordpress.orig/wp-admin/includes/user.php wordpress/wp-admin/includes/user.php
    old new  
    3939        if ( isset( $_POST['pass2'] )) 
    4040                $pass2 = $_POST['pass2']; 
    4141 
     42        if (get_magic_quotes_gpc()) { 
     43                $pass1 = stripslashes($pass1); 
     44                $pass2 = stripslashes($pass2); 
     45        } 
     46 
    4247        if ( isset( $_POST['role'] ) && current_user_can( 'edit_users' ) ) { 
    4348                if( $user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap( 'edit_users' )) 
    4449                        $user->role = $_POST['role']; 

  • wp-includes/user.php 

    diff -ruN wordpress.orig/wp-includes/user.php wordpress/wp-includes/user.php
    old new  
    1919        else 
    2020                $credentials['remember'] = false; 
    2121 
     22        if ( get_magic_quotes_gpc() ) 
     23                $credentials['user_password'] = stripslashes($credentials['user_password']); 
     24 
    2225        do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password'])); 
    2326 
    2427        // If no credential info provided, check cookie.