Changeset 24716
- Timestamp:
- 07/16/2013 02:38:54 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/class-wp-xmlrpc-server.php
r24639 r24716 212 212 213 213 /** 214 * Sanitize string or array of strings for database.214 * Escape string or array of strings for database. 215 215 * 216 216 * @since 1.5.2 217 217 * 218 * @param string|array $array Sanitize single string or array of strings. 219 * @return string|array Type matches $array and sanitized for the database. 220 */ 221 function escape(&$array) { 222 global $wpdb; 223 224 if (!is_array($array)) { 225 return($wpdb->escape($array)); 226 } else { 227 foreach ( (array) $array as $k => $v ) { 228 if ( is_array($v) ) { 229 $this->escape($array[$k]); 230 } else if ( is_object($v) ) { 231 //skip 232 } else { 233 $array[$k] = $wpdb->escape($v); 234 } 235 } 218 * @param string|array $data Escape single string or array of strings. 219 * @return string|array Type matches $data and sanitized for the database. 220 */ 221 function escape( &$data ) { 222 if ( ! is_array( $data ) ) 223 return wp_slash( $data ); 224 225 foreach ( $data as &$v ) { 226 if ( ! is_object( $v ) ) 227 $v = wp_slash( $v ); 236 228 } 237 229 } … … 2986 2978 2987 2979 if ( $logged_in ) { 2988 $comment['comment_author'] = $ wpdb->escape( $user->display_name );2989 $comment['comment_author_email'] = $ wpdb->escape( $user->user_email );2990 $comment['comment_author_url'] = $ wpdb->escape( $user->user_url );2980 $comment['comment_author'] = $this->escape( $user->display_name ); 2981 $comment['comment_author_email'] = $this->escape( $user->user_email ); 2982 $comment['comment_author_url'] = $this->escape( $user->user_url ); 2991 2983 $comment['user_ID'] = $user->ID; 2992 2984 } else { … … 4924 4916 4925 4917 $blog_ID = (int) $args[0]; 4926 $username = $ wpdb->escape($args[1]);4927 $password = $ wpdb->escape($args[2]);4918 $username = $this->escape($args[1]); 4919 $password = $this->escape($args[2]); 4928 4920 $data = $args[3]; 4929 4921 … … 5452 5444 5453 5445 $context = '[…] ' . esc_html( $excerpt ) . ' […]'; 5454 $pagelinkedfrom = $ wpdb->escape( $pagelinkedfrom );5446 $pagelinkedfrom = $this->escape( $pagelinkedfrom ); 5455 5447 5456 5448 $comment_post_ID = (int) $post_ID;
Note: See TracChangeset
for help on using the changeset viewer.