Changeset 11978 for trunk/wp-includes/functions.php

Timestamp:

09/27/2009 05:33:56 AM (17 years ago)

Author:

markjaquith

Message:

esc_sql() for wp-includes

File:

• trunk/wp-includes/functions.php (modified) (6 diffs)

trunk/wp-includes/functions.php

@@ -498 +498 @@
     wp_protect_special_option( $option_name );
 
-    $safe_option_name = $wpdb->escape( $option_name );
+    $safe_option_name = esc_sql( $option_name );
     $newvalue = sanitize_option( $option_name, $newvalue );
 
@@ -572 +572 @@
 
     wp_protect_special_option( $name );
-    $safe_name = $wpdb->escape( $name );
+    $safe_name = esc_sql( $name );
     $value = sanitize_option( $name, $value );
 
@@ -655 +655 @@
         return wp_cache_delete($transient, 'transient');
     } else {
-        $transient = '_transient_' . $wpdb->escape($transient);
+        $transient = '_transient_' . esc_sql($transient);
         return delete_option($transient);
     }
@@ -683 +683 @@
         $value = wp_cache_get($transient, 'transient');
     } else {
-        $transient_option = '_transient_' . $wpdb->escape($transient);
+        $transient_option = '_transient_' . esc_sql($transient);
         // If option is not in alloptions, it is not autoloaded and thus has a timeout
         $alloptions = wp_load_alloptions();
         if ( !isset( $alloptions[$transient_option] ) ) {
-            $transient_timeout = '_transient_timeout_' . $wpdb->escape($transient);
+            $transient_timeout = '_transient_timeout_' . esc_sql($transient);
             if ( get_option($transient_timeout) < time() ) {
                 delete_option($transient_option);
@@ -724 +724 @@
         $transient_timeout = '_transient_timeout_' . $transient;
         $transient = '_transient_' . $transient;
-        $safe_transient = $wpdb->escape($transient);
+        $safe_transient = esc_sql($transient);
         if ( false === get_option( $safe_transient ) ) {
             $autoload = 'yes';
@@ -1413 +1413 @@
             $array[$k] = add_magic_quotes( $v );
         } else {
-            $array[$k] = $wpdb->escape( $v );
+            $array[$k] = esc_sql( $v );
         }
     }