WordPress.org

Make WordPress Core

Opened 12 years ago

Closed 12 years ago

#5901 closed defect (bug) (fixed)

Inconsistent user option name sanitization

Reported by: filosofo Owned by:
Milestone: 2.5 Priority: normal
Severity: normal Version: 2.5
Component: General Keywords: update_user_option get_user_option has-patch sanitization
Focuses: Cc:
PR Number:

Description

update_user_option sanitizes the option name, because it sends the option to update_usermeta which does the sanitizing. However, get_user_option doesn't sanitize the option name before checking whether the option is among the userdata. So, if your option name has non-kosher characters, you'll never be able to retrieve it using get_user_option.

The attached patch sanitizes the option in get_user_option.

Attachments (1)

get_user_option-sanitization.diff (382 bytes) - added by filosofo 12 years ago.

Download all attachments as: .zip

Change History (2)

#1 @ryan
12 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6902]) Make user option name sanitization consistent. Props filosofo. fixes #5901

Note: See TracTickets for help on using tickets.