Context Navigation

← Previous Ticket
Next Ticket →

#2221 closed defect (bug) (invalid)

Single quotes in user login breaks some MySQL queries

Reported by:	majelbstoat	Owned by:
Milestone:		Priority:	normal
Severity:	normal	Version:	2.0
Component:	Administration	Keywords:	single quote user_login MySQL bg\|has-patch
Focuses:		Cc:

Description

One of my user logins has a single quote in it that causes MySQL errors in the pluggable function get_userdatabylogin(). It may also cause problems in other areas of the code, but I haven't come across them yet.

Adding slashes to sanitize_user() in functions-formatting.php seems to work.

Diff attached.

Attachments (1)

addslashes to sanitize_user.diff (442 bytes) - added by majelbstoat 19 years ago.: Diff to add slashes to a sanitised username.

Download all attachments as: .zip

Change History (3)

@majelbstoat
19 years ago

Attachment addslashes to sanitize_user.diff added

Diff to add slashes to a sanitised username.

#1 @majelbstoat
19 years ago

Keywords bg|has-patch added

#2 @majelbstoat
19 years ago

Resolution set to invalid
Status changed from new to closed

Closing this bug. It was a bug in the calling plugin's code, not WordPress. Plugin authors, make sure you always call get_userdatabylogin() with a valid userlogin, not a user name!

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core