Changeset 23416 for trunk/wp-admin/options.php
- Timestamp:
- 02/14/2013 10:51:06 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/options.php
r22653 r23416 121 121 if ( is_multisite() && ! is_super_admin() ) 122 122 wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) ); 123 $options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );123 $options = explode( ',', wp_unslash( $_POST[ 'page_options' ] ) ); 124 124 } else { 125 125 $options = $whitelist_options[ $option_page ]; … … 128 128 // Handle custom date/time formats 129 129 if ( 'general' == $option_page ) { 130 if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )130 if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['date_format'] ) ) 131 131 $_POST['date_format'] = $_POST['date_format_custom']; 132 if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )132 if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['time_format'] ) ) 133 133 $_POST['time_format'] = $_POST['time_format_custom']; 134 134 // Map UTC+- timezones to gmt_offsets and set timezone_string to empty. … … 151 151 if ( ! is_array( $value ) ) 152 152 $value = trim( $value ); 153 $value = stripslashes_deep( $value );153 $value = wp_unslash( $value ); 154 154 } 155 155 update_option( $option, $value );
Note: See TracChangeset
for help on using the changeset viewer.