Changeset 23592
- Timestamp:
- 03/03/2013 04:55:53 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/ms-functions.php
r23554 r23592 280 280 */ 281 281 function create_empty_blog( $domain, $path, $weblog_title, $site_id = 1 ) { 282 $domain = addslashes( $domain );283 $weblog_title = addslashes( $weblog_title );284 285 282 if ( empty($path) ) 286 283 $path = '/'; … … 583 580 $blogname = apply_filters( 'newblogname', $blogname ); 584 581 585 $blog_title = stripslashes( $blog_title );582 $blog_title = wp_unslash( $blog_title ); 586 583 587 584 if ( empty( $blog_title ) ) … … 637 634 $key = substr( md5( time() . rand() . $domain ), 0, 16 ); 638 635 $meta = serialize($meta); 639 $domain = $wpdb->escape($domain);640 $path = $wpdb->escape($path);641 $title = $wpdb->escape($title);642 636 643 637 $wpdb->insert( $wpdb->signups, array( … … 841 835 842 836 $meta = maybe_unserialize($signup->meta); 843 $user_login = $wpdb->escape($signup->user_login);844 $user_email = $wpdb->escape($signup->user_email);845 837 $password = wp_generate_password( 12, false ); 846 838 … … 848 840 849 841 if ( ! $user_id ) 850 $user_id = wpmu_create_user($ user_login, $password, $user_email);842 $user_id = wpmu_create_user($signup->user_login, $password, $signup->user_email); 851 843 else 852 844 $user_already_exists = true; … … 1025 1017 Remote IP: %3$s 1026 1018 1027 Disable these notifications: %4$s' ), $blogname, $siteurl, $_SERVER['REMOTE_ADDR'], $options_site_url);1019 Disable these notifications: %4$s' ), $blogname, $siteurl, wp_unslash( $_SERVER['REMOTE_ADDR'] ), $options_site_url); 1028 1020 $msg = apply_filters( 'newblog_notify_siteadmin', $msg ); 1029 1021 … … 1059 1051 Remote IP: %2$s 1060 1052 1061 Disable these notifications: %3$s'), $user->user_login, $_SERVER['REMOTE_ADDR'], $options_site_url);1053 Disable these notifications: %3$s'), $user->user_login, wp_unslash( $_SERVER['REMOTE_ADDR'] ), $options_site_url); 1062 1054 1063 1055 $msg = apply_filters( 'newuser_notify_siteadmin', $msg, $user ); … … 1158 1150 update_option( 'upload_path', get_blog_option( $current_site->blog_id, 'upload_path' ) ); 1159 1151 1160 update_option( 'blogname', stripslashes( $blog_title ) );1152 update_option( 'blogname', wp_unslash( $blog_title ) ); 1161 1153 update_option( 'admin_email', '' ); 1162 1154 … … 1215 1207 return false; 1216 1208 1217 $welcome_email = stripslashes( get_site_option( 'welcome_email' ));1209 $welcome_email = get_site_option( 'welcome_email' ); 1218 1210 if ( $welcome_email == false ) 1219 $welcome_email = stripslashes(__( 'Dear User,1211 $welcome_email = __( 'Dear User, 1220 1212 1221 1213 Your new SITE_NAME site has been successfully set up at: … … 1229 1221 We hope you enjoy your new site. Thanks! 1230 1222 1231 --The Team @ SITE_NAME' ) );1223 --The Team @ SITE_NAME' ); 1232 1224 1233 1225 $url = get_blogaddress_by_id($blog_id); … … 1253 1245 $current_site->site_name = 'WordPress'; 1254 1246 1255 $subject = apply_filters( 'update_welcome_subject', sprintf(__('New %1$s Site: %2$s'), $current_site->site_name, stripslashes( $title ) ) );1247 $subject = apply_filters( 'update_welcome_subject', sprintf(__('New %1$s Site: %2$s'), $current_site->site_name, wp_unslash( $title ) ) ); 1256 1248 wp_mail($user->user_email, $subject, $message, $message_headers); 1257 1249 return true; … … 1482 1474 global $wpdb; 1483 1475 $user = get_userdata( (int) $user_id ); 1484 $wpdb->insert( $wpdb->registration_log, array('email' => $user->user_email, 'IP' => preg_replace( '/[^0-9., ]/', '', $_SERVER['REMOTE_ADDR']), 'blog_id' => $blog_id, 'date_registered' => current_time('mysql')) );1476 $wpdb->insert( $wpdb->registration_log, array('email' => $user->user_email, 'IP' => preg_replace( '/[^0-9., ]/', '', wp_unslash( $_SERVER['REMOTE_ADDR'] ) ), 'blog_id' => $blog_id, 'date_registered' => current_time('mysql')) ); 1485 1477 } 1486 1478
Note: See TracChangeset
for help on using the changeset viewer.