diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php
index 1a8d7b6507..880fea8d0a 100644
|
a
|
b
|
function untrailingslashit( $string ) { |
| 2676 | 2676 | * @return string Returns a string escaped with slashes. |
| 2677 | 2677 | */ |
| 2678 | 2678 | function addslashes_gpc( $gpc ) { |
| 2679 | | if ( get_magic_quotes_gpc() ) { |
| 2680 | | $gpc = stripslashes( $gpc ); |
| 2681 | | } |
| 2682 | | |
| 2683 | 2679 | return wp_slash( $gpc ); |
| 2684 | 2680 | } |
| 2685 | 2681 | |
| … |
… |
function map_deep( $value, $callback ) { |
| 4769 | 4765 | /** |
| 4770 | 4766 | * Parses a string into variables to be stored in an array. |
| 4771 | 4767 | * |
| 4772 | | * Uses {@link https://secure.php.net/parse_str parse_str()} and stripslashes if |
| 4773 | | * {@link https://secure.php.net/magic_quotes magic_quotes_gpc} is on. |
| 4774 | 4768 | * |
| 4775 | 4769 | * @since 2.2.1 |
| 4776 | 4770 | * |
| … |
… |
function map_deep( $value, $callback ) { |
| 4779 | 4773 | */ |
| 4780 | 4774 | function wp_parse_str( $string, &$array ) { |
| 4781 | 4775 | parse_str( $string, $array ); |
| 4782 | | if ( get_magic_quotes_gpc() ) { |
| 4783 | | $array = stripslashes_deep( $array ); |
| 4784 | | } |
| | 4776 | |
| 4785 | 4777 | /** |
| 4786 | 4778 | * Filters the array of variables derived from a parsed string. |
| 4787 | 4779 | * |
diff --git a/src/wp-includes/load.php b/src/wp-includes/load.php
index 38b4b771b2..133c03d11e 100644
|
a
|
b
|
function wp_set_internal_encoding() { |
| 925 | 925 | * @access private |
| 926 | 926 | */ |
| 927 | 927 | function wp_magic_quotes() { |
| 928 | | // If already slashed, strip. |
| 929 | | if ( get_magic_quotes_gpc() ) { |
| 930 | | $_GET = stripslashes_deep( $_GET ); |
| 931 | | $_POST = stripslashes_deep( $_POST ); |
| 932 | | $_COOKIE = stripslashes_deep( $_COOKIE ); |
| 933 | | } |
| 934 | | |
| 935 | 928 | // Escape with wpdb. |
| 936 | 929 | $_GET = add_magic_quotes( $_GET ); |
| 937 | 930 | $_POST = add_magic_quotes( $_POST ); |
diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
index 3089547ce7..38bc0570a3 100644
|
a
|
b
|
protected function parse_body_params() { |
| 689 | 689 | |
| 690 | 690 | parse_str( $this->get_body(), $params ); |
| 691 | 691 | |
| 692 | | /* |
| 693 | | * Amazingly, parse_str follows magic quote rules. Sigh. |
| 694 | | * |
| 695 | | * NOTE: Do not refactor to use `wp_unslash`. |
| 696 | | */ |
| 697 | | if ( get_magic_quotes_gpc() ) { |
| 698 | | $params = stripslashes_deep( $params ); |
| 699 | | } |
| 700 | | |
| 701 | 692 | /* |
| 702 | 693 | * Add to the POST parameters stored internally. If a user has already |
| 703 | 694 | * set these manually (via `set_body_params`), don't override them. |