Unescape user data before sending to wpdb::update() and wpdb::insert(), which expect unescaped data.

git-svn-id: http://svn.automattic.com/wordpress/trunk@6656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-01-25 02:21:59 +00:00 · 2008-01-25 02:21:59 +00:00 · 4b812eb11f
parent 6f7d120d5b
commit 4b812eb11f
1 changed files with 1 additions and 0 deletions
--- a/wp-includes/registration.php
+++ b/wp-includes/registration.php
@ -158,6 +158,7 @@ function wp_insert_user($userdata) {
 		$user_registered = gmdate('Y-m-d H:i:s');

 	$data = compact( 'user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered' );
+	$data = stripslashes_deep( $data );

 	if ( $update ) {
 		$wpdb->update( $wpdb->users, $data, compact( 'ID' ) );