Make WordPress Core


Ignore:
Timestamp:
09/27/2009 05:33:56 AM (15 years ago)
Author:
markjaquith
Message:

esc_sql() for wp-includes

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/post.php

    r11976 r11978  
    17531753        // Page slugs must be unique within their own trees.  Pages are in a
    17541754        // separate namespace than posts so page slugs are allowed to overlap post slugs.
    1755         $check_sql = "SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type IN ( '" . implode("', '", $wpdb->escape($hierarchical_post_types)) . "' ) AND ID != %d AND post_parent = %d LIMIT 1";
     1755        $check_sql = "SELECT post_name FROM $wpdb->posts WHERE post_name = %s AND post_type IN ( '" . implode("', '", esc_sql($hierarchical_post_types)) . "' ) AND ID != %d AND post_parent = %d LIMIT 1";
    17561756        $post_name_check = $wpdb->get_var($wpdb->prepare($check_sql, $slug, $post_ID, $post_parent));
    17571757
Note: See TracChangeset for help on using the changeset viewer.