Make WordPress Core

Changeset 8511


Ignore:
Timestamp:
07/30/2008 05:17:51 PM (16 years ago)
Author:
ryan
Message:

Add prohphylactic addlashes when evaling query. Props xknown.

Location:
branches/2.6/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/2.6/wp-includes/classes.php

    r8263 r8511  
    111111
    112112                    // Substitute the substring matches into the query.
    113                     eval("\$query = \"$query\";");
     113                    eval("\$query = \"" . addslashes($query) . "\";");
    114114                    $this->matched_query = $query;
    115115
  • branches/2.6/wp-includes/rewrite.php

    r8366 r8511  
    153153
    154154            // Substitute the substring matches into the query.
    155             eval("\$query = \"$query\";");
     155            eval("\$query = \"" . addslashes($query) . "\";");
    156156            // Filter out non-public query vars
    157157            global $wp;
Note: See TracChangeset for help on using the changeset viewer.