WordPress.org

Make WordPress Core


Ignore:
Timestamp:
03/01/2013 05:58:43 PM (8 years ago)
Author:
nacin
Message:

Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer().

Use wp_slash() instead of addslashes().

see #21767.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/edit-comments.php

    r23567 r23578  
    2222    if ( 'delete_all' == $doaction && !empty( $_REQUEST['pagegen_timestamp'] ) ) {
    2323        $comment_status = wp_unslash( $_REQUEST['comment_status'] );
    24         $delete_time = wp_unslash ( $_REQUEST['pagegen_timestamp'] );
     24        $delete_time = wp_unslash( $_REQUEST['pagegen_timestamp'] );
    2525        $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = %s AND %s > comment_date_gmt", $comment_status, $delete_time ) );
    2626        $doaction = 'delete';
Note: See TracChangeset for help on using the changeset viewer.