WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #25775, comment 31


Ignore:
Timestamp:
10/07/2014 03:31:52 AM (5 years ago)
Author:
boonebgorges
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #25775, comment 31

    initial v1  
    22
    33* When you pass a value to `validate_column()` that contains a dot, it's trusted - no validation takes place.
    4 * Return results of `validate_column()` are run through `esc_sql()`, since we're no longer so strictly checking against a whitelist (though tbh the check is not entirely strict at the moment).
     4* Return results of `validate_column()` are run through `esc_sql()`, since we're no longer so strictly checking against a whitelist (though tbh the whitelist check that's currently there does not look very airtight to me).
    55* When a non-dotted value is passed to `validate_column()`, check to see if it's a core date column (`$known_columns`), and if so, add the appropriate prefix.
    66