WordPress.org

Make WordPress Core

Changeset 11344


Ignore:
Timestamp:
05/15/09 21:27:39 (5 years ago)
Author:
ryan
Message:

Escape posts passed as objects. Props Denis-de-Bernardy. fixes #9727

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/post.php

    r11323 r11344  
    16121612 * @since 1.0.0 
    16131613 * 
    1614  * @param array|object $postarr Post data. 
     1614 * @param array|object $postarr Post data. Arrays are expected to be escaped, objects are not. 
    16151615 * @return int 0 on failure, Post ID on success. 
    16161616 */ 
    16171617function wp_update_post($postarr = array()) { 
    1618     if ( is_object($postarr) ) 
     1618    if ( is_object($postarr) ) { 
     1619        // non-escaped post was passed 
    16191620        $postarr = get_object_vars($postarr); 
     1621        $postarr = add_magic_quotes($postarr); 
     1622    } 
    16201623 
    16211624    // First, get all of the original fields 
Note: See TracChangeset for help on using the changeset viewer.