Make WordPress Core


Ignore:
Timestamp:
07/30/2008 05:17:38 PM (16 years ago)
Author:
ryan
Message:

Add prohphylactic addlashes when evaling query. Props xknown.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/rewrite.php

    r8365 r8510  
    153153
    154154            // Substitute the substring matches into the query.
    155             eval("\$query = \"$query\";");
     155            eval("\$query = \"" . addslashes($query) . "\";");
    156156            // Filter out non-public query vars
    157157            global $wp;
Note: See TracChangeset for help on using the changeset viewer.