Better escaping from class, fixes #1394

git-svn-id: http://svn.automattic.com/wordpress/trunk@2684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2025-01-22 08:11:52 +01:00 · 2005-07-02 23:31:43 +00:00 · 2005-07-02 23:31:43 +00:00 · 76fd741767
commit 76fd741767
parent 56c304f8bb
1 changed files with 4 additions and 1 deletions
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@ -77,7 +77,10 @@ class wpdb {
 	//	Format a string correctly for safe insert under all PHP conditions
 	
 	function escape($str) {
-		return addslashes($str);				
+		if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' )
+			return mysql_escape_string( $string );
+		else
+			return mysql_real_escape_string( $string, $this->dbh );
 	}

 	// ==================================================================