Changeset 2699 for trunk/wp-includes/functions-formatting.php

Timestamp:

07/05/2005 08:47:22 PM (21 years ago)

Author:

ryan

Message:

Use wpdb->escape instead of addslashes to prepare DB bound data.

File:

• trunk/wp-includes/functions-formatting.php (modified) (1 diff)

trunk/wp-includes/functions-formatting.php

@@ -524 +524 @@
 
 function addslashes_gpc($gpc) {
-    if (!get_magic_quotes_gpc()) {
-        $gpc = addslashes($gpc);
-    }
-    return $gpc;
+    global $wpdb;
+
+    if (get_magic_quotes_gpc()) {
+        $gpc = stripslashes($gpc);
+    }
+
+    return $wpdb->escape($gpc);
 }