WordPress.org

Make WordPress Core

Ticket #9640: 9640.patch

File 9640.patch, 1.0 KB (added by hakre, 9 years ago)

add_magic_quotes now takes care of the type of data passed.

  • wp-includes/functions.php

    ### Eclipse Workspace Patch 1.0
    #P wordpress
     
    13151315 * @uses $wpdb Used to sanitize values
    13161316 * @since 0.71
    13171317 *
    1318  * @param array $array Array to used to walk while sanitizing contents.
    1319  * @return array Sanitized $array.
     1318 * @param  mixed $array Array or else to used to walk while sanitizing contents.
     1319 * @return mixed Sanitized $array.
    13201320 */
    13211321function add_magic_quotes( $array ) {
    13221322        global $wpdb;
    1323 
    1324         foreach ( (array) $array as $k => $v ) {
    1325                 if ( is_array( $v ) ) {
     1323       
     1324        if ( is_array($array) ) {
     1325                foreach ( $array as $k => $v ) {
    13261326                        $array[$k] = add_magic_quotes( $v );
    1327                 } else {
    1328                         $array[$k] = $wpdb->escape( $v );
    1329                 }
    1330         }
     1327                }       
     1328        } elseif ( is_string($array) ) {
     1329                $array = $wpdb->escape( $array );                                               
     1330        }
     1331        // no need to handle other types (float, bool, callback, resource, object etc.)
     1332       
    13311333        return $array;
    13321334}
    13331335