Changeset 4676
- Timestamp:
- 01/05/2007 05:45:46 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-trackback.php
r4495 r4676 31 31 } 32 32 33 $tb_url = $_POST['url']; 34 $title = $_POST['title']; 35 $excerpt = $_POST['excerpt']; 36 $blog_name = $_POST['blog_name']; 37 $charset = $_POST['charset']; 33 $tb_url = $_POST['url']; 34 $charset = $_POST['charset']; 35 36 // These three are stripslashed here so that they can be properly escaped after mb_convert_encoding() 37 $title = stripslashes($_POST['title']); 38 $excerpt = stripslashes($_POST['excerpt']); 39 $blog_name = stripslashes($_POST['blog_name']); 38 40 39 41 if ($charset) … … 47 49 $blog_name = mb_convert_encoding($blog_name, get_option('blog_charset'), $charset); 48 50 } 51 52 // Now that mb_convert_encoding() has been given a swing, we need to escape these three 53 $title = $wpdb->escape($title); 54 $excerpt = $wpdb->escape($excerpt); 55 $blog_name = $wpdb->escape($blog_name); 49 56 50 57 if ( is_single() || is_page() )
Note: See TracChangeset
for help on using the changeset viewer.