WordPress.org

Make WordPress Core

Changeset 8511


Ignore:
Timestamp:
07/30/08 17:17:51 (6 years ago)
Author:
ryan
Message:

Add prohphylactic addlashes when evaling query. Props xknown.

Location:
branches/2.6/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/2.6/wp-includes/classes.php

    r8263 r8511  
    111111 
    112112                    // Substitute the substring matches into the query. 
    113                     eval("\$query = \"$query\";"); 
     113                    eval("\$query = \"" . addslashes($query) . "\";"); 
    114114                    $this->matched_query = $query; 
    115115 
  • branches/2.6/wp-includes/rewrite.php

    r8366 r8511  
    153153 
    154154            // Substitute the substring matches into the query. 
    155             eval("\$query = \"$query\";"); 
     155            eval("\$query = \"" . addslashes($query) . "\";"); 
    156156            // Filter out non-public query vars 
    157157            global $wp; 
Note: See TracChangeset for help on using the changeset viewer.