Make WordPress Core


Ignore:
Timestamp:
03/01/2013 05:14:09 PM (11 years ago)
Author:
ryan
Message:

Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/upgrade.php

    r23554 r23567  
    7878switch ( $step ) :
    7979    case 0:
    80         $goback = stripslashes( wp_get_referer() );
     80        $goback = wp_unslash( wp_get_referer() );
    8181        $goback = esc_url_raw( $goback );
    8282        $goback = urlencode( $goback );
     
    9191        wp_upgrade();
    9292
    93             $backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
     93            $backto = !empty($_GET['backto']) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
    9494            $backto = esc_url( $backto );
    9595            $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
Note: See TracChangeset for help on using the changeset viewer.