- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/2.2/wp-includes/functions.php
r5789 r5830 204 204 /* Options functions */ 205 205 206 // expects $setting to already be SQL-escaped 206 207 function get_option($setting) { 207 208 global $wpdb; … … 303 304 } 304 305 306 // expects $option_name to NOT be SQL-escaped 305 307 function update_option($option_name, $newvalue) { 306 308 global $wpdb; … … 308 310 wp_protect_special_option($option_name); 309 311 312 $safe_option_name = $wpdb->escape($option_name); 313 310 314 if ( is_string($newvalue) ) 311 315 $newvalue = trim($newvalue); 312 316 313 317 // If the new and old values are the same, no need to update. 314 $oldvalue = get_option($ option_name);318 $oldvalue = get_option($safe_option_name); 315 319 if ( $newvalue === $oldvalue ) { 316 320 return false; … … 350 354 351 355 // thx Alex Stapleton, http://alex.vort-x.net/blog/ 356 // expects $name to NOT be SQL-escaped 352 357 function add_option($name, $value = '', $description = '', $autoload = 'yes') { 353 358 global $wpdb; 354 359 355 360 wp_protect_special_option($name); 361 $safe_name = $wpdb->escape($name); 356 362 357 363 // Make sure the option doesn't already exist. We can check the 'notoptions' cache before we ask for a db query 358 364 $notoptions = wp_cache_get('notoptions', 'options'); 359 365 if ( !is_array($notoptions) || !isset($notoptions[$name]) ) 360 if ( false !== get_option($ name) )366 if ( false !== get_option($safe_name) ) 361 367 return; 362 368
Note: See TracChangeset
for help on using the changeset viewer.