WordPress.org

Make WordPress Core

Changeset 9129


Ignore:
Timestamp:
10/13/08 02:48:45 (6 years ago)
Author:
azaozz
Message:

Fix stripslashes for post metadata, phpDoc updates for media.php, props jacobsantos, fixes #7871

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/media.php

    r9053 r9129  
    681681} 
    682682 
    683 // produce HTML for the image alignment radio buttons with the specified one checked 
    684 /** 
    685  * {@internal Missing Short Description}} 
     683/** 
     684 * Retrieve HTML for the image alignment radio buttons with the specified one checked. 
    686685 * 
    687686 * @since unknown 
     
    707706} 
    708707 
    709 // produce HTML for the size radio buttons with the specified one checked 
    710 /** 
    711  * {@internal Missing Short Description}} 
     708/** 
     709 * Retrieve HTML for the size radio buttons with the specified one checked. 
    712710 * 
    713711 * @since unknown 
     
    724722        foreach ( $size_names as $size => $name) { 
    725723            $downsize = image_downsize($post->ID, $size); 
    726              
     724 
    727725            // is this size selectable? 
    728726            $enabled = ( $downsize[3] || 'full' == $size ); 
     
    754752} 
    755753 
    756 // produce HTML for the Link URL buttons with the default link type as specified 
    757 /** 
    758  * {@internal Missing Short Description}} 
     754/** 
     755 * Retrieve HTML for the Link URL buttons with the default link type as specified. 
    759756 * 
    760757 * @since unknown 
     
    961958 
    962959/** 
    963  * {@internal Missing Short Description}} 
    964  * 
    965  * @since unknown 
    966  * 
    967  * @param unknown_type $post_id 
    968  * @param unknown_type $errors 
    969  * @return unknown 
     960 * Retrieve HTML for media items of post gallery. 
     961 * 
     962 * The HTML markup retrieved will be created for the progress of SWF Upload 
     963 * component. Will also create link for showing and hiding the form to modify 
     964 * the image attachment. 
     965 * 
     966 * @since unknown 
     967 * 
     968 * @param int $post_id Optional. Post ID. 
     969 * @param array $errors Errors for attachment, if any. 
     970 * @return string 
    970971 */ 
    971972function get_media_items( $post_id, $errors ) { 
     
    993994 
    994995/** 
    995  * {@internal Missing Short Description}} 
    996  * 
    997  * @since unknown 
    998  * 
    999  * @param unknown_type $attachment_id 
    1000  * @param unknown_type $args 
    1001  * @return unknown 
     996 * Retrieve HTML form for modifying the image attachment. 
     997 * 
     998 * @since unknown 
     999 * 
     1000 * @param int $attachment_id Attachment ID for modification. 
     1001 * @param string|array $args Optional. Override defaults. 
     1002 * @return string HTML form for attachment. 
    10021003 */ 
    10031004function get_media_item( $attachment_id, $args = null ) { 
     
    18041805} 
    18051806 
    1806 // support a GET parameter for disabling the flash uploader 
    1807 /** 
    1808  * {@internal Missing Short Description}} 
     1807/** 
     1808 * {@internal Missing Short Description}} 
     1809 * 
     1810 * Support a GET parameter for disabling the flash uploader. 
    18091811 * 
    18101812 * @since unknown 
     
    18541856add_action('post-html-upload-ui', 'media_upload_html_bypass'); 
    18551857 
    1856 // make sure the GET parameter sticks when we submit a form 
    1857 /** 
    1858  * {@internal Missing Short Description}} 
     1858/** 
     1859 * {@internal Missing Short Description}} 
     1860 * 
     1861 * Make sure the GET parameter sticks when we submit a form. 
    18591862 * 
    18601863 * @since unknown 
  • trunk/wp-includes/post.php

    r9123 r9129  
    520520    // expected_slashed ($meta_key) 
    521521    $meta_key = stripslashes($meta_key); 
    522     $meta_value = stripslashes($meta_value); 
    523522 
    524523    if ( $unique && $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) 
    525524        return false; 
    526525 
    527     $meta_value = maybe_serialize($meta_value); 
     526    $meta_value = maybe_serialize( stripslashes_deep($meta_value) ); 
    528527 
    529528    $wpdb->insert( $wpdb->postmeta, compact( 'post_id', 'meta_key', 'meta_value' ) ); 
     
    546545 * 
    547546 * @param int $post_id post ID 
    548  * @param string $key Metadata name. 
    549  * @param mixed $value Optional. Metadata value. 
     547 * @param string $meta_key Metadata name. 
     548 * @param mixed $meta_value Optional. Metadata value. 
    550549 * @return bool False for failure. True for success. 
    551550 */ 
    552 function delete_post_meta($post_id, $key, $value = '') { 
     551function delete_post_meta($post_id, $meta_key, $meta_value = '') { 
    553552    global $wpdb; 
    554553 
    555554    $post_id = absint( $post_id ); 
    556555 
    557     // expected_slashed ($key, $value) 
    558     $key = stripslashes( $key ); 
    559     $value = stripslashes( $value ); 
    560  
    561     if ( empty( $value ) ) 
    562         $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); 
     556    // expected_slashed ($meta_key, $meta_value) 
     557    $meta_key = stripslashes( $meta_key ); 
     558    $meta_value = maybe_serialize( stripslashes_deep($meta_value) ); 
     559 
     560    if ( empty( $meta_value ) ) 
     561        $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $meta_key ) ); 
    563562    else 
    564         $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); 
     563        $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT meta_id FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $meta_key, $meta_value ) ); 
    565564 
    566565    if ( !$meta_id ) 
    567566        return false; 
    568567 
    569     if ( empty( $value ) ) 
    570         $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $key ) ); 
     568    if ( empty( $meta_value ) ) 
     569        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s", $post_id, $meta_key ) ); 
    571570    else 
    572         $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $key, $value ) ); 
     571        $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->postmeta WHERE post_id = %d AND meta_key = %s AND meta_value = %s", $post_id, $meta_key, $meta_value ) ); 
    573572 
    574573    wp_cache_delete($post_id, 'post_meta'); 
     
    633632    // expected_slashed ($meta_key) 
    634633    $meta_key = stripslashes($meta_key); 
    635     $meta_value = stripslashes($meta_value); 
    636634 
    637635    if ( ! $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->postmeta WHERE meta_key = %s AND post_id = %d", $meta_key, $post_id ) ) ) { 
     
    639637    } 
    640638 
    641     $meta_value = maybe_serialize($meta_value); 
     639    $meta_value = maybe_serialize( stripslashes_deep($meta_value) ); 
    642640 
    643641    $data  = compact( 'meta_value' ); 
Note: See TracChangeset for help on using the changeset viewer.