WordPress.org

Make WordPress Core

Ticket #10360: 10360.2.diff

File 10360.2.diff, 994 bytes (added by Denis-de-Bernardy, 9 years ago)

alternative approach: slash $_REQUEST

  • wp-settings.php

     
    588588
    589589// If already slashed, strip.
    590590if ( get_magic_quotes_gpc() ) {
    591         $_GET    = stripslashes_deep($_GET   );
    592         $_POST   = stripslashes_deep($_POST  );
    593         $_COOKIE = stripslashes_deep($_COOKIE);
     591        $_GET     = stripslashes_deep($_GET    );
     592        $_POST    = stripslashes_deep($_POST   );
     593        $_REQUEST = stripslashes_deep($_REQUEST);
     594        $_COOKIE  = stripslashes_deep($_COOKIE );
    594595}
    595596
    596597// Escape with wpdb.
    597 $_GET    = add_magic_quotes($_GET   );
    598 $_POST   = add_magic_quotes($_POST  );
    599 $_COOKIE = add_magic_quotes($_COOKIE);
    600 $_SERVER = add_magic_quotes($_SERVER);
     598$_GET     = add_magic_quotes($_GET    );
     599$_POST    = add_magic_quotes($_POST   );
     600$_REQUEST = add_magic_quotes($_REQUEST);
     601$_COOKIE  = add_magic_quotes($_COOKIE );
     602$_SERVER  = add_magic_quotes($_SERVER );
    601603
    602604do_action('sanitize_comment_cookies');
    603605