WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #21767, comment 48


Ignore:
Timestamp:
02/04/13 15:38:16 (3 years ago)
Author:
ryan
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #21767, comment 48

    initial v1  
    1 Clls to esc_sql(), $wpdb->escape(), addslashes(), add_magic_quotes() on data passed to core API also need to be audited and probably removed. Escaping should be done with $wpdb->prepare() ( or update() and insert() ) right before the data goes to the DB. 
     1Calls to esc_sql(), $wpdb->escape(), addslashes(), add_magic_quotes() on data passed to core API also need to be audited and probably removed. Escaping should be done with $wpdb->prepare() ( or update() and insert() ) right before the data goes to the DB.