Make WordPress Core

Context Navigation

← Previous Ticket
Next Ticket →

Opened 18 years ago

Closed 18 years ago

Last modified 18 years ago

#6640 closed defect (bug) (fixed)

Login should use DB prepare method on user input

Reported by:	filosofo	Owned by:
Milestone:	2.5.1	Priority:	normal
Severity:	normal	Version:
Component:	General	Keywords:	wp-login wpdb prepare mysql has-patch
Focuses:		Cc:

Description

I noticed that wp-login.php runs DB queries from user-inputted data that is sanitized in an ad hoc manner. If for no other reason than consistency, it seems to me that all such queries should use the prepare method, as this patch does.

Attachments (1)

prepare_login_queries.diff (1.5 KB) - added by filosofo 18 years ago.

Download all attachments as: .zip

Change History (4)

@filosofo
18 years ago

Attachment prepare_login_queries.diff added

#1 @ryan
18 years ago

Resolution set to fixed
Status changed from new to closed

(In [7632]) Use DB prepare on login queries. Props filosofo. fixes #6640 for 2.5

#2 @ryan
18 years ago

(In [7633]) Use DB prepare on login queries. Props filosofo. fixes #6640 for trunk

#3 @ryan
18 years ago

Milestone changed from 2.6 to 2.5.1

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats: