WordPress.org

Make WordPress Core

Changeset 3587


Ignore:
Timestamp:
03/02/2006 02:49:06 AM (14 years ago)
Author:
ryan
Message:

DB escaping in fix_attachment_links(). #2434

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.0/wp-admin/admin-functions.php

    r3556 r3587  
    9191    global $wp_rewrite;
    9292
    93     $post = & get_post($post_ID);
     93    $post = & get_post($post_ID, ARRAY_A);
    9494
    9595    $search = "#<a[^>]+rel=('|\")[^'\"]*attachment[^>]*>#ie";
    9696
    9797    // See if we have any rel="attachment" links
    98     if ( 0 == preg_match_all($search, $post->post_content, $anchor_matches, PREG_PATTERN_ORDER) )
     98    if ( 0 == preg_match_all($search, $post['post_content'], $anchor_matches, PREG_PATTERN_ORDER) )
    9999        return;
    100100
     
    108108
    109109        // While we have the attachment ID, let's adopt any orphans.
    110         $attachment = & get_post($id);
    111         if ( ! is_object(get_post($attachment->post_parent)) ) {
    112             $attachment->post_parent = $post_ID;
     110        $attachment = & get_post($id, ARRAY_A);
     111        if ( ! empty($attachment) && ! is_object(get_post($attachment['post_parent'])) ) {
     112            $attachment['post_parent'] = $post_ID;
     113            // Escape data pulled from DB.
     114            $attachment = add_magic_quotes($attachment);
    113115            wp_update_post($attachment);
    114116        }
     
    119121    }
    120122
    121     $post->post_content = str_replace($post_search, $post_replace, $post->post_content);
     123    $post['post_content'] = str_replace($post_search, $post_replace, $post['post_content']);
     124
     125    // Escape data pulled from DB.
     126    $post = add_magic_quotes($post);
    122127
    123128    return wp_update_post($post);
Note: See TracChangeset for help on using the changeset viewer.