Make WordPress Core


Ignore:
Timestamp:
03/01/2013 05:14:09 PM (12 years ago)
Author:
ryan
Message:

Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/options.php

    r23554 r23567  
    121121        if ( is_multisite() && ! is_super_admin() )
    122122            wp_die( __( 'You do not have sufficient permissions to modify unregistered settings for this site.' ) );
    123         $options = explode( ',', stripslashes( $_POST[ 'page_options' ] ) );
     123        $options = explode( ',', wp_unslash( $_POST[ 'page_options' ] ) );
    124124    } else {
    125125        $options = $whitelist_options[ $option_page ];
     
    128128    // Handle custom date/time formats
    129129    if ( 'general' == $option_page ) {
    130         if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['date_format'] ) )
     130        if ( !empty($_POST['date_format']) && isset($_POST['date_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['date_format'] ) )
    131131            $_POST['date_format'] = $_POST['date_format_custom'];
    132         if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == stripslashes( $_POST['time_format'] ) )
     132        if ( !empty($_POST['time_format']) && isset($_POST['time_format_custom']) && '\c\u\s\t\o\m' == wp_unslash( $_POST['time_format'] ) )
    133133            $_POST['time_format'] = $_POST['time_format_custom'];
    134134        // Map UTC+- timezones to gmt_offsets and set timezone_string to empty.
     
    151151                if ( ! is_array( $value ) )
    152152                    $value = trim( $value );
    153                 $value = stripslashes_deep( $value );
     153                $value = wp_unslash( $value );
    154154            }
    155155            update_option( $option, $value );
Note: See TracChangeset for help on using the changeset viewer.