From 91efba11adb82de4e22dbed3da8b89936c4e4a73 Mon Sep 17 00:00:00 2001 From: ryan Date: Tue, 5 Jul 2005 20:47:22 +0000 Subject: [PATCH] Use wpdb->escape instead of addslashes to prepare DB bound data. git-svn-id: http://svn.automattic.com/wordpress/trunk@2699 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-functions.php | 2 +- wp-admin/edit-page-form.php | 2 +- wp-admin/import-blogger.php | 16 +++++------ wp-admin/import-greymatter.php | 40 ++++++++++++++-------------- wp-admin/import-livejournal.php | 4 +-- wp-admin/import-mt.php | 26 +++++++++--------- wp-admin/import-rss.php | 6 ++--- wp-admin/import-textpattern.php | 4 +-- wp-admin/install.php | 10 +++---- wp-admin/link-categories.php | 12 ++++----- wp-admin/link-import.php | 2 +- wp-admin/update-links.php | 4 +-- wp-admin/upgrade-functions.php | 18 ++++++------- wp-comments-post.php | 6 ++--- wp-includes/comment-functions.php | 4 +-- wp-includes/functions-formatting.php | 9 ++++--- wp-includes/functions.php | 6 +++-- wp-settings.php | 17 ++++++++---- xmlrpc.php | 2 +- 19 files changed, 101 insertions(+), 89 deletions(-) diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php index 6498cbad0c..7ac6ef6d3a 100644 --- a/wp-admin/admin-functions.php +++ b/wp-admin/admin-functions.php @@ -448,7 +448,7 @@ function cat_rows($parent = 0, $level = 0, $categories = 0) { $count = $wpdb->get_var("SELECT COUNT(post_id) FROM $wpdb->post2cat WHERE category_id = $category->cat_ID"); $pad = str_repeat('— ', $level); if ( $user_level > 3 ) - $edit = "" . __('Edit') . "cat_name)) . "')\" class='delete'>" . __('Delete') . ""; + $edit = "" . __('Edit') . "escape($category->cat_name)) . "')\" class='delete'>" . __('Delete') . ""; else $edit = ''; diff --git a/wp-admin/edit-page-form.php b/wp-admin/edit-page-form.php index 87cd25898f..c64985ef6b 100644 --- a/wp-admin/edit-page-form.php +++ b/wp-admin/edit-page-form.php 
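Review bot: `$wpdb->escape($category->cat_name)` on the new `$edit` line feeds a database escaper into a JavaScript string that sits inside an HTML attribute (the onclick confirm), which is the wrong escaper for that context: it protects the SQL layer, not the attribute delimiter or the script context, so a category name containing a double quote can still terminate the attribute. Escape for the output context instead — quote the name for JavaScript and then run the attribute through `wp_specialchars()` — and keep `$wpdb->escape()` for values that are interpolated into SQL. The wp-admin/edit-page-form.php hunk does the same with `$post->post_title` and needs the same treatment. The surrounding markup has been stripped on this page, so the exact attribute context is inferred from the `class='delete'` and `')\"` fragments that survive.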
@@ -132,7 +132,7 @@ edCanvas = document.getElementById('content'); : - post_title) ) . "')\""; ?> /> + escape($post->post_title) ) . "')\""; ?> /> diff --git a/wp-admin/import-blogger.php b/wp-admin/import-blogger.php index c573a3f061..19a47fc84f 100644 --- a/wp-admin/import-blogger.php +++ b/wp-admin/import-blogger.php @@ -62,16 +62,16 @@ case "step1": //$post_number = $postinfo[3]; $post_title = $postinfo[4]; - $post_author = trim(addslashes($postinfo[1])); + $post_author = trim($wpdb->escape($postinfo[1])); // we'll check the author is registered already $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_login = '$post_author'"); if (!$user) { // seems s/he's not, so let's register $user_joindate = '1979-06-06 00:41:00'; // that's my birthdate (gmt+1) - I could choose any other date. You could change the date too. Just remember the year must be >=1970 or the world would just randomly fall on your head (everything might look fine, and then blam! major headache!) - $user_login = addslashes($post_author); - $pass1 = addslashes('password'); - $user_email = addslashes('user@wordpress.org'); - $user_url = addslashes(''); - $user_joindate = addslashes($user_joindate); + $user_login = $wpdb->escape($post_author); + $pass1 = $wpdb->escape('password'); + $user_email = $wpdb->escape('user@wordpress.org'); + $user_url = $wpdb->escape(''); + $user_joindate = $wpdb->escape($user_joindate); $result = $wpdb->query(" INSERT INTO $wpdb->users ( user_login, @@ -111,10 +111,10 @@ case "step1": $post_date = "$postyear-$postmonth-$postday $posthour:$postminute:$postsecond"; - $post_content = addslashes($post_content); + $post_content = $wpdb->escape($post_content); $post_content = str_replace('
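Review bot: `$post_author` is escaped once by `trim($wpdb->escape($postinfo[1]))` and then escaped again by `$user_login = $wpdb->escape($post_author);` in the registration branch, so an author name containing a quote or backslash is inserted with doubled escaping and the stored login ends up with a literal backslash; the lookup `WHERE user_login = '$post_author'` then compares against the once-escaped form and will not find that user on the next run. Drop the second escape, `$user_login = $post_author;`, or keep the raw name in `$post_author` and escape only where it is interpolated. The wp-admin/import-greymatter.php @@ -147 hunk repeats the same pair (`$post_author=trim($wpdb->escape(...))` followed by `$user_login=$wpdb->escape($post_author)` and `$user_nickname=$wpdb->escape($post_author)`). Separately, the new `$pass1 = $wpdb->escape('password');` still registers every imported author with the fixed password `password`; generating a per-user random value here and surfacing it to the admin would avoid leaving known-credential accounts behind after an import. The enclosing switch case continues outside the hunk.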
', '
', $post_content); // the XHTML touch... ;) - $post_title = addslashes($post_title); + $post_title = $wpdb->escape($post_title); // Quick-n-dirty check for dups: $dupcheck = $wpdb->get_results("SELECT ID,post_date,post_title FROM $wpdb->posts WHERE post_date='$post_date' AND post_title='$post_title' LIMIT 1",ARRAY_A); diff --git a/wp-admin/import-greymatter.php b/wp-admin/import-greymatter.php index 371671a798..4d96a82c0e 100644 --- a/wp-admin/import-greymatter.php +++ b/wp-admin/import-greymatter.php @@ -90,12 +90,12 @@ case "step1": $s=$userdata[4]; $user_joindate=substr($s,6,4)."-".substr($s,0,2)."-".substr($s,3,2)." 00:00:00"; - $user_login=addslashes($userdata[0]); - $pass1=addslashes($userdata[1]); - $user_nickname=addslashes($userdata[0]); - $user_email=addslashes($userdata[2]); - $user_url=addslashes($userdata[3]); - $user_joindate=addslashes($user_joindate); + $user_login=$wpdb->escape($userdata[0]); + $pass1=$wpdb->escape($userdata[1]); + $user_nickname=$wpdb->escape($userdata[0]); + $user_email=$wpdb->escape($userdata[2]); + $user_url=$wpdb->escape($userdata[3]); + $user_joindate=$wpdb->escape($user_joindate); $loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'"); if ($loginthere) { 
@@ -147,18 +147,18 @@ case "step1": $postmaincontent=gm2autobr($entry[2]); $postmorecontent=gm2autobr($entry[3]); - $post_author=trim(addslashes($postinfo[1])); + $post_author=trim($wpdb->escape($postinfo[1])); // we'll check the author is registered, or if it's a deleted author $sql = "SELECT * FROM $wpdb->users WHERE user_login = '$post_author'"; $result = $wpdb->query($sql); if (! $result) { // if deleted from GM, we register the author as a level 0 user in wp $user_joindate="1979-06-06 00:41:00"; - $user_login=addslashes($post_author); - $pass1=addslashes("password"); - $user_nickname=addslashes($post_author); - $user_email=addslashes("user@deleted.com"); - $user_url=addslashes(""); - $user_joindate=addslashes($user_joindate); + $user_login=$wpdb->escape($post_author); + $pass1=$wpdb->escape("password"); + $user_nickname=$wpdb->escape($post_author); + $user_email=$wpdb->escape("user@deleted.com"); + $user_url=$wpdb->escape(""); + $user_joindate=$wpdb->escape($user_joindate); $query = "INSERT INTO $wpdb->users (user_login,user_pass,user_email,user_url,user_registered,user_level) VALUES ('$user_login','$pass1','$user_email','$user_url','$user_joindate','0')"; $result = $wpdb->query($query); if ($result==false) { @@ -171,7 +171,7 @@ case "step1": $post_author_ID = $wpdb->get_var($sql); $post_title=gm2autobr($postinfo[2]); - $post_title=addslashes($post_title); + $post_title=$wpdb->escape($post_title); $postyear=$postinfo[6]; $postmonth=zeroise($postinfo[4],2); @@ -188,7 +188,7 @@ case "step1": $post_content=$postmaincontent; if (strlen($postmorecontent)>3) $post_content .= "

".$postmorecontent; - $post_content=addslashes($post_content); + $post_content=$wpdb->escape($post_content); $post_karma=$postinfo[12]; @@ -222,10 +222,10 @@ case "step1": $entry[$j]=gm2autobr($entry[$j]); $commentinfo=explode("|",$entry[$j]); $comment_post_ID=$post_ID; - $comment_author=addslashes($commentinfo[0]); - $comment_author_email=addslashes($commentinfo[2]); - $comment_author_url=addslashes($commentinfo[3]); - $comment_author_IP=addslashes($commentinfo[1]); + $comment_author=$wpdb->escape($commentinfo[0]); + $comment_author_email=$wpdb->escape($commentinfo[2]); + $comment_author_url=$wpdb->escape($commentinfo[3]); + $comment_author_IP=$wpdb->escape($commentinfo[1]); $commentyear=$commentinfo[7]; $commentmonth=zeroise($commentinfo[5],2); @@ -237,7 +237,7 @@ case "step1": $commenthour=$commenthour+12; $comment_date="$commentyear-$commentmonth-$commentday $commenthour:$commentminute:$commentsecond"; - $comment_content=addslashes($commentinfo[12]); + $comment_content=$wpdb->escape($commentinfo[12]); $sql3 = "INSERT INTO $wpdb->comments (comment_post_ID,comment_author,comment_author_email,comment_author_url,comment_author_IP,comment_date,comment_content) VALUES ('$comment_post_ID','$comment_author','$comment_author_email','$comment_author_url','$comment_author_IP','$comment_date','$comment_content')"; $result3 = $wpdb->query($sql3); diff --git a/wp-admin/import-livejournal.php b/wp-admin/import-livejournal.php index 05326a7519..ce766381f6 100644 --- a/wp-admin/import-livejournal.php +++ b/wp-admin/import-livejournal.php @@ -82,7 +82,7 @@ $title = $date = $categories = $content = $post_id = ''; echo "
  • Importing post... "; preg_match('|(.*?)|is', $post, $title); -$title = addslashes( trim($title[1]) ); +$title = $wpdb->escape( trim($title[1]) ); $post_name = sanitize_title($title); preg_match('|(.*?)|is', $post, $date); @@ -92,7 +92,7 @@ $post_date = date('Y-m-d H:i:s', $date); preg_match('|(.*?)|is', $post, $content); -$content = str_replace( array(''), '', addslashes( trim($content[1]) ) ); +$content = str_replace( array(''), '', $wpdb->escape( trim($content[1]) ) ); // Now lets put it in the DB if ($wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE post_title = '$title' AND post_date = '$post_date'")) : diff --git a/wp-admin/import-mt.php b/wp-admin/import-mt.php index a1e6f4821d..b520d4c69f 100644 --- a/wp-admin/import-mt.php +++ b/wp-admin/import-mt.php @@ -206,7 +206,7 @@ foreach ($posts as $post) { if ('' != trim($post)) { // We want the excerpt preg_match("|-----\nEXCERPT:(.*)|s", $post, $excerpt); - $excerpt = addslashes(trim($excerpt[1])); + $excerpt = $wpdb->escape(trim($excerpt[1])); $post = preg_replace("|(-----\nEXCERPT:.*)|s", '', $post); // We're going to put extended body into main body with a more tag @@ -218,7 +218,7 @@ foreach ($posts as $post) { if ('' != trim($post)) { // Now for the main body preg_match("|-----\nBODY:(.*)|s", $post, $body); $body = trim($body[1]); - $post_content = addslashes($body . $extended); + $post_content = $wpdb->escape($body . $extended); $post = preg_replace("|(-----\nBODY:.*)|s", '', $post); // Grab the metadata from what's left @@ -235,7 +235,7 @@ foreach ($posts as $post) { if ('' != trim($post)) { $post_author = $value; break; case 'TITLE': - $post_title = addslashes($value); + $post_title = $wpdb->escape($value); echo ''.stripslashes($post_title).'... '; $post_name = sanitize_title($post_title); break; 
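Review bot: `$post_name = sanitize_title($title);` now receives the already SQL-escaped title, so any backslashes that `$wpdb->escape()` added for quotes feed into slug generation and the slug is derived from the escaped form rather than the text (how much that matters depends on what `sanitize_title()` strips, which is not visible here). Keep an unescaped copy for non-SQL uses, e.g. `$raw_title = trim($title[1]); $title = $wpdb->escape($raw_title); $post_name = sanitize_title($raw_title);`. The same ordering appears in the wp-admin/import-rss.php @@ -87 hunk, the wp-admin/import-textpattern.php hunk and the wp-admin/import-mt.php `case 'TITLE':` hunk, all of which call `sanitize_title()` on the escaped value.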
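Review bot: `echo ''.stripslashes($post_title).'... '` in the `case 'TITLE':` branch undoes `$wpdb->escape()` with `stripslashes()`, which is only correct for as long as the escaper stays addslashes-compatible; the commit's point is to stop assuming that, so the display should use the source value instead. Since `$value` comes straight from the import file and is echoed into the admin page, HTML-escape it on the way out, `echo wp_specialchars($value) . '... ';`, keeping `$post_title = $wpdb->escape($value);` for the query only. The tags around the echo have been stripped on this page, so the exact markup is inferred.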
@@ -264,10 +264,10 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 }
 break;
 case 'PRIMARY CATEGORY':
- $post_categories[] = addslashes($value);
+ $post_categories[] = $wpdb->escape($value);
 break;
 case 'CATEGORY':
- $post_categories[] = addslashes($value);
+ $post_categories[] = $wpdb->escape($value);
 break;
 case 'DATE':
 $post_date = strtotime($value);
@@ -323,11 +323,11 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 if ('' != trim($comment)) {
 // Author
 preg_match("|AUTHOR:(.*)|", $comment, $comment_author);
- $comment_author = addslashes(trim($comment_author[1]));
+ $comment_author = $wpdb->escape(trim($comment_author[1]));
 $comment = preg_replace('|(\n?AUTHOR:.*)|', '', $comment);
 preg_match("|EMAIL:(.*)|", $comment, $comment_email);
- $comment_email = addslashes(trim($comment_email[1]));
+ $comment_email = $wpdb->escape(trim($comment_email[1]));
 $comment = preg_replace('|(\n?EMAIL:.*)|', '', $comment);
 preg_match("|IP:(.*)|", $comment, $comment_ip);
@@ -335,7 +335,7 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 $comment = preg_replace('|(\n?IP:.*)|', '', $comment);
 preg_match("|URL:(.*)|", $comment, $comment_url);
- $comment_url = addslashes(trim($comment_url[1]));
+ $comment_url = $wpdb->escape(trim($comment_url[1]));
 $comment = preg_replace('|(\n?URL:.*)|', '', $comment);
 preg_match("|DATE:(.*)|", $comment, $comment_date);
@@ -343,7 +343,7 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 $comment_date = date('Y-m-d H:i:s', strtotime($comment_date));
 $comment = preg_replace('|(\n?DATE:.*)|', '', $comment);
- $comment_content = addslashes(trim($comment));
+ $comment_content = $wpdb->escape(trim($comment));
 $comment_content = str_replace('-----', '', $comment_content);
 // Check if it's already there
@@ -364,7 +364,7 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 if ('' != trim($ping)) {
 // 'Author'
 preg_match("|BLOG NAME:(.*)|", $ping, $comment_author);
- $comment_author = addslashes(trim($comment_author[1]));
+ $comment_author = $wpdb->escape(trim($comment_author[1]));
 $ping = preg_replace('|(\n?BLOG NAME:.*)|', '', $ping);
 $comment_email = '';
@@ -374,7 +374,7 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 $ping = preg_replace('|(\n?IP:.*)|', '', $ping);
 preg_match("|URL:(.*)|", $ping, $comment_url);
- $comment_url = addslashes(trim($comment_url[1]));
+ $comment_url = $wpdb->escape(trim($comment_url[1]));
 $ping = preg_replace('|(\n?URL:.*)|', '', $ping);
 preg_match("|DATE:(.*)|", $ping, $comment_date);
@@ -383,10 +383,10 @@ foreach ($posts as $post) { if ('' != trim($post)) {
 $ping = preg_replace('|(\n?DATE:.*)|', '', $ping);
 preg_match("|TITLE:(.*)|", $ping, $ping_title);
- $ping_title = addslashes(trim($ping_title[1]));
+ $ping_title = $wpdb->escape(trim($ping_title[1]));
 $ping = preg_replace('|(\n?TITLE:.*)|', '', $ping);
- $comment_content = addslashes(trim($ping));
+ $comment_content = $wpdb->escape(trim($ping));
 $comment_content = str_replace('-----', '', $comment_content);
 $comment_content = "$ping_title\n\n$comment_content";
diff --git a/wp-admin/import-rss.php b/wp-admin/import-rss.php
index 2e3f49b80f..cb7b615a23 100644
--- a/wp-admin/import-rss.php
+++ b/wp-admin/import-rss.php
@@ -87,7 +87,7 @@ $title = $date = $categories = $content = $post_id = '';
 echo "
  • Importing post... ";
 preg_match('|(.*?)|is', $post, $title);
-$title = addslashes( trim($title[1]) );
+$title = $wpdb->escape( trim($title[1]) );
 $post_name = sanitize_title($title);
 preg_match('|(.*?)|is', $post, $date);
@@ -112,11 +112,11 @@ if (!$categories) :
 endif;
 preg_match('|(.*?)|is', $post, $guid);
-if ($guid) $guid = addslashes( trim($guid[1]) );
+if ($guid) $guid = $wpdb->escape( trim($guid[1]) );
 else $guid = '';
 preg_match('|(.*?)|is', $post, $content);
-$content = str_replace( array(''), '', addslashes( trim($content[1]) ) );
+$content = str_replace( array(''), '', $wpdb->escape( trim($content[1]) ) );
 if (!$content) : // This is for feeds that put content in description
 preg_match('|(.*?)|is', $post, $content);
diff --git a/wp-admin/import-textpattern.php b/wp-admin/import-textpattern.php
index 0f5323fced..d2f81738eb 100644
--- a/wp-admin/import-textpattern.php
+++ b/wp-admin/import-textpattern.php
@@ -98,8 +98,8 @@ while ($post = mysql_fetch_array($posts)) {
 $timestamp = mktime($hour, $minute, $second, $month, $day, $year);
 $posted = date('Y-m-d H:i:s', $timestamp);
- $content = addslashes($post['Body_html']);
- $title = addslashes($post['Title']);
+ $content = $wpdb->escape($post['Body_html']);
+ $title = $wpdb->escape($post['Title']);
 $post_name = sanitize_title($title);
 $wpdb->query("INSERT INTO $wpdb->posts
diff --git a/wp-admin/install.php b/wp-admin/install.php
index d037d7be1b..f5ad4b2600 100644
--- a/wp-admin/install.php
+++ b/wp-admin/install.php
@@ -143,7 +143,7 @@ $wpdb->query("UPDATE $wpdb->options SET option_value = '$weblog_title' WHERE opt
 $wpdb->query("UPDATE $wpdb->options SET option_value = '$admin_email' WHERE option_name = 'admin_email'");
 // Now drop in some default links
-$wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name) VALUES (1, '".addslashes(__('Blogroll'))."')");
+$wpdb->query("INSERT INTO $wpdb->linkcategories (cat_id, cat_name) VALUES (1, '".$wpdb->escape(__('Blogroll'))."')");
 $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://blog.carthik.net/index.php', 'Carthik', 1, 'http://blog.carthik.net/feed/');");
 $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://blogs.linux.ie/xeer/', 'Donncha', 1, 'http://blogs.linux.ie/xeer/feed/');");
 $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://zengun.org/weblog/', 'Michel', 1, 'http://zengun.org/weblog/feed/');");
@@ -154,21 +154,21 @@ $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_category, link_rss) VALUES ('http://dougal.gunters.org/', 'Dougal', 1, 'http://dougal.gunters.org/feed/');"); // Default category -$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename) VALUES ('0', '".addslashes(__('Uncategorized'))."', '".sanitize_title(__('Uncategorized'))."')"); +$wpdb->query("INSERT INTO $wpdb->categories (cat_ID, cat_name, category_nicename) VALUES ('0', '".$wpdb->escape(__('Uncategorized'))."', '".sanitize_title(__('Uncategorized'))."')"); // First post $now = date('Y-m-d H:i:s'); $now_gmt = gmdate('Y-m-d H:i:s'); -$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt) VALUES ('1', '$now', '$now_gmt', '".addslashes(__('Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!'))."', '".addslashes(__('Hello world!'))."', '0', '".addslashes(__('hello-world'))."', '$now', '$now_gmt')"); +$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt) VALUES ('1', '$now', '$now_gmt', '".$wpdb->escape(__('Welcome to WordPress. This is your first post. 
Edit or delete it, then start blogging!'))."', '".$wpdb->escape(__('Hello world!'))."', '0', '".$wpdb->escape(__('hello-world'))."', '$now', '$now_gmt')"); $wpdb->query( "INSERT INTO $wpdb->post2cat (`rel_id`, `post_id`, `category_id`) VALUES (1, 1, 1)" ); // Default comment -$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".addslashes(__('Mr WordPress'))."', '', 'http://wordpress.org', '$now', '$now_gmt', '".addslashes(__('Hi, this is a comment.
    To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')"); +$wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_date, comment_date_gmt, comment_content) VALUES ('1', '".$wpdb->escape(__('Mr WordPress'))."', '', 'http://wordpress.org', '$now', '$now_gmt', '".$wpdb->escape(__('Hi, this is a comment.
    To delete a comment, just log in, and view the posts\' comments, there you will have the option to edit or delete them.'))."')"); // First Page -$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status) VALUES ('1', '$now', '$now_gmt', '".addslashes(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '".addslashes(__('About'))."', '0', '".addslashes(__('about'))."', '$now', '$now_gmt', 'static')"); +$wpdb->query("INSERT INTO $wpdb->posts (post_author, post_date, post_date_gmt, post_content, post_title, post_category, post_name, post_modified, post_modified_gmt, post_status) VALUES ('1', '$now', '$now_gmt', '".$wpdb->escape(__('This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from. You can create as many pages like this one or sub-pages as you like and manage all of your content inside of WordPress.'))."', '".$wpdb->escape(__('About'))."', '0', '".$wpdb->escape(__('about'))."', '$now', '$now_gmt', 'static')"); // Set up admin user $random_password = substr(md5(uniqid(microtime())), 0, 6); diff --git a/wp-admin/link-categories.php b/wp-admin/link-categories.php index 4ca3e2ac36..86f3da384c 100644 --- a/wp-admin/link-categories.php +++ b/wp-admin/link-categories.php 
@@ -60,9 +60,9 @@ switch ($action) {
 if ($sort_desc != 'Y') {
 $sort_desc = 'N';
 }
- $text_before_link = addslashes($_POST['text_before_link']);
- $text_after_link = addslashes($_POST['text_after_link']);
- $text_after_all = addslashes($_POST['text_after_all']);
+ $text_before_link = $_POST['text_before_link'];
+ $text_after_link = $_POST['text_after_link'];
+ $text_after_all = $_POST['text_after_all'];
 $list_limit = $_POST['list_limit'];
 if ($list_limit == '')
@@ -238,9 +238,9 @@ switch ($action) {
 if ($sort_desc != 'Y') {
 $sort_desc = 'N';
 }
- $text_before_link = addslashes($_POST["text_before_link"]);
- $text_after_link = addslashes($_POST["text_after_link"]);
- $text_after_all = addslashes($_POST["text_after_all"]);
+ $text_before_link = $_POST["text_before_link"];
+ $text_after_link = $_POST["text_after_link"];
+ $text_after_all = $_POST["text_after_all"];
 $list_limit = $_POST["list_limit"];
 if ($list_limit == '')
diff --git a/wp-admin/link-import.php b/wp-admin/link-import.php
index 51c1bf87ea..698bd7f843 100644
--- a/wp-admin/link-import.php
+++ b/wp-admin/link-import.php
@@ -107,7 +107,7 @@ switch ($step) {
 if ('http' == substr($titles[$i], 0, 4))
 $titles[$i] = '';
 $query = "INSERT INTO $wpdb->links (link_url, link_name, link_target, link_category, link_description, link_owner, link_rss)
- VALUES('{$urls[$i]}', '".addslashes($names[$i])."', '', $cat_id, '".addslashes($descriptions[$i])."', $user_ID, '{$feeds[$i]}')\n";
+ VALUES('{$urls[$i]}', '".$wpdb->escape($names[$i])."', '', $cat_id, '".$wpdb->escape($descriptions[$i])."', $user_ID, '{$feeds[$i]}')\n";
 $result = $wpdb->query($query);
 echo sprintf(__("
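Review bot: Removing `addslashes()` leaves `$text_before_link`, `$text_after_link` and `$text_after_all` assigned straight from `$_POST`, so their safety in the later INSERT/UPDATE now rests entirely on wp-settings.php having run `add_magic_quotes()` over `$_POST` — an invariant nothing in this file states. Record it where the values are taken, `// $_POST is already SQL-escaped by add_magic_quotes() in wp-settings.php; do not escape again.`, so a later change to the bootstrap cannot silently drop the protection, and so nobody re-adds an escape and double-escapes. `$list_limit = $_POST['list_limit']` on the next line relies on the same assumption; if it is used as a number further down, `(int)` casting it here would be the safer form. The second hunk (@@ -238) makes the identical change and should carry the same comment; both switch cases continue outside their hunks.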

    Inserted %s

    "), $names[$i]); } diff --git a/wp-admin/update-links.php b/wp-admin/update-links.php index 389a9a2598..a02474ea90 100644 --- a/wp-admin/update-links.php +++ b/wp-admin/update-links.php @@ -36,8 +36,8 @@ if( false !== ( $fs = fsockopen('api.pingomatic.com', 80, $errno, $errstr, 5) ) $returns = explode("\n", $body); foreach ($returns as $return) : - $time = addslashes( substr($return, 0, 19) ); - $uri = addslashes( preg_replace('/(.*?) | (.*?)/', '$2', $return) ); + $time = $wpdb->escape( substr($return, 0, 19) ); + $uri = $wpdb->escape( preg_replace('/(.*?) | (.*?)/', '$2', $return) ); $wpdb->query("UPDATE $wpdb->links SET link_updated = '$time' WHERE link_url = '$uri'"); endforeach; } diff --git a/wp-admin/upgrade-functions.php b/wp-admin/upgrade-functions.php index aa1fa1361d..f2ef5c9b70 100644 --- a/wp-admin/upgrade-functions.php +++ b/wp-admin/upgrade-functions.php 
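Review bot: `'{$urls[$i]}'` and `'{$feeds[$i]}'` are interpolated into the INSERT unescaped on the same VALUES line where the commit switches `$names[$i]` and `$descriptions[$i]` to `$wpdb->escape()`; all four values come from the same imported links file, so the URL and feed fields need the same treatment, `VALUES('".$wpdb->escape($urls[$i])."', '".$wpdb->escape($names[$i])."', '', $cat_id, '".$wpdb->escape($descriptions[$i])."', $user_ID, '".$wpdb->escape($feeds[$i])."')`. `$cat_id` and `$user_ID` are interpolated unquoted; if they are not already cast upstream (not visible in the hunk), wrap them in `(int)` here. The enclosing loop and switch case start outside the hunk.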
@@ -221,23 +221,23 @@ function upgrade_160() {
 $users = $wpdb->get_results("SELECT * FROM $wpdb->users");
 foreach ( $users as $user ) :
 if ( !empty( $user->user_firstname ) )
- update_usermeta( $user->ID, 'first_name', addslashes($user->user_firstname) );
+ update_usermeta( $user->ID, 'first_name', $wpdb->escape($user->user_firstname) );
 if ( !empty( $user->user_lastname ) )
- update_usermeta( $user->ID, 'last_name', addslashes($user->user_lastname) );
+ update_usermeta( $user->ID, 'last_name', $wpdb->escape($user->user_lastname) );
 if ( !empty( $user->user_nickname ) )
- update_usermeta( $user->ID, 'nickname', addslashes($user->user_nickname) );
+ update_usermeta( $user->ID, 'nickname', $wpdb->escape($user->user_nickname) );
 if ( !empty( $user->user_level ) )
 update_usermeta( $user->ID, $table_prefix . 'user_level', $user->user_level );
 if ( !empty( $user->user_icq ) )
- update_usermeta( $user->ID, 'icq', addslashes($user->user_icq) );
+ update_usermeta( $user->ID, 'icq', $wpdb->escape($user->user_icq) );
 if ( !empty( $user->user_aim ) )
- update_usermeta( $user->ID, 'aim', addslashes($user->user_aim) );
+ update_usermeta( $user->ID, 'aim', $wpdb->escape($user->user_aim) );
 if ( !empty( $user->user_msn ) )
- update_usermeta( $user->ID, 'msn', addslashes($user->user_msn) );
+ update_usermeta( $user->ID, 'msn', $wpdb->escape($user->user_msn) );
 if ( !empty( $user->user_yim ) )
- update_usermeta( $user->ID, 'yim', addslashes($user->user_icq) );
+ update_usermeta( $user->ID, 'yim', $wpdb->escape($user->user_icq) );
 if ( !empty( $user->user_description ) )
- update_usermeta( $user->ID, 'description', addslashes($user->user_description) );
+ update_usermeta( $user->ID, 'description', $wpdb->escape($user->user_description) );
 if ( !isset( $user->user_idmode ) ):
 $idmode = $user->user_idmode;
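Review bot: `update_usermeta( $user->ID, 'yim', $wpdb->escape($user->user_icq) );` writes the ICQ value under the `yim` key — the guard directly above tests `$user->user_yim`, so this is a copy-paste slip that the commit carried over while touching the line; it should read `update_usermeta( $user->ID, 'yim', $wpdb->escape($user->user_yim) );`. Separately, whether these values should be escaped before `update_usermeta()` depends on whether that helper escapes internally, which is not visible here; if it does, every `$wpdb->escape()` in this hunk double-escapes migrated profile data, so that is worth confirming before the upgrade routine ships. The foreach continues past the hunk.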
@@ -248,7 +248,7 @@ function upgrade_160() {
 if ($idmode == 'namefl') $id = $user->user_firstname.' '.$user->user_lastname;
 if ($idmode == 'namelf') $id = $user->user_lastname.' '.$user->user_firstname;
 if (!$idmode) $id = $user->user_nickname;
- $id = addslashes( $id );
+ $id = $wpdb->escape( $id );
 $wpdb->query("UPDATE $wpdb->users SET display_name = '$id' WHERE ID = '$user->ID'");
 endif;
 endforeach;
diff --git a/wp-comments-post.php b/wp-comments-post.php
index 865bb280ee..ef49b8875f 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -24,9 +24,9 @@ $comment_content = trim($_POST['comment']);
 // If the user is logged in
 get_currentuserinfo();
 if ( $user_ID ) :
- $comment_author = addslashes($user_identity);
- $comment_author_email = addslashes($user_email);
- $comment_author_url = addslashes($user_url);
+ $comment_author = $wpdb->escape($user_identity);
+ $comment_author_email = $wpdb->escape($user_email);
+ $comment_author_url = $wpdb->escape($user_url);
 else :
 if ( get_option('comment_registration') )
 die( __('Sorry, you must be logged in to post a comment.') );
diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php
index ea707ea069..e1b426e374 100644
--- a/wp-includes/comment-functions.php
+++ b/wp-includes/comment-functions.php
@@ -13,8 +13,8 @@ function comments_template( $file = '/comments.php' ) {
 if ( empty($comment_author) ) {
 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
 } else {
- $author_db = addslashes($comment_author);
- $email_db = addslashes($comment_author_email);
+ $author_db = $wpdb->escape($comment_author);
+ $email_db = $wpdb->escape($comment_author_email);
 $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND ( comment_approved = '1' OR ( comment_author = '$author_db' AND comment_author_email = '$email_db' AND comment_approved = '0' ) ) ORDER BY comment_date");
 }
diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index 861cdb2a32..fa8a4e5840 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -523,10 +523,13 @@ function trailingslashit($string) {
 }
 function addslashes_gpc($gpc) {
- if (!get_magic_quotes_gpc()) {
- $gpc = addslashes($gpc);
+ global $wpdb;
+
+ if (get_magic_quotes_gpc()) {
+ $gpc = stripslashes($gpc);
 }
- return $gpc;
+
+ return $wpdb->escape($gpc);
 }
 function antispambot($emailaddy, $mailto=0) {
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index b0c74dcfbd..207b6b8964 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -843,7 +843,7 @@ function do_enclose( $content, $post_ID ) {
 if ( $url != '' && !$wpdb->get_var("SELECT post_id FROM $wpdb->postmeta WHERE post_id = '$post_ID' AND meta_key = 'enclosure' AND meta_value LIKE ('$url%')") ) {
 if ( $headers = wp_get_http_headers( $url) ) {
 $len = (int) $headers['content-length'];
- $type = addslashes( $headers['content-type'] );
+ $type = $wpdb->escape( $headers['content-type'] );
 $allowed_types = array( 'video', 'audio' );
 if( in_array( substr( $type, 0, strpos( $type, "/" ) ), $allowed_types ) ) {
 $meta_value = "$url\n$len\n$type\n";
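Review bot: `$author_db = $wpdb->escape($comment_author);` and the email line below it are correct for the query, but this same commit makes wp-settings.php SQL-escape `$_COOKIE` on every request; if the `$comment_author` / `$comment_author_email` globals are populated from the commenter cookies (their origin is not visible in this hunk), they now arrive already escaped and `$author_db`/`$email_db` are double-escaped, so the `OR ( comment_author = '$author_db' ... comment_approved = '0' )` branch never matches and commenters stop seeing their own pending comments. Worth confirming where the two globals are set; if they come from `$_COOKIE`, interpolate them directly and add `// already escaped by add_magic_quotes() in wp-settings.php`. The rest of comments_template() is outside the hunk.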
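Review bot: The new guard `if (get_magic_quotes_gpc()) { $gpc = stripslashes($gpc); }` keys the strip on the php.ini setting, but after this commit wp-settings.php strips and re-escapes the superglobals unconditionally, so a value taken from `$_GET`/`$_POST` reaches `addslashes_gpc()` already escaped whether or not magic quotes is on — with magic quotes off this function escapes it a second time, with it on the strip removes the bootstrap escaping and the value is escaped once, so the result differs by server configuration. The function's contract is now ambiguous (raw input or GPC-processed input?) and it has no docblock; state it, e.g. `// Escape a raw (un-slashed) value for SQL via $wpdb->escape(). Do not pass superglobal values: wp-settings.php has already escaped those.` The added `global $wpdb;` also means this formatting helper fails with a fatal "call to a member function" if it is ever reached before the database object is constructed, which is a new failure mode relative to `addslashes()`. Both neighbouring functions are cut at the hunk edges.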
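Review bot: `$url` is interpolated into the SELECT on the first context line (`meta_value LIKE ('$url%')`) without escaping, while the commit escapes only `$headers['content-type']` a few lines lower; `$url` is presumably extracted from `$content` by do_enclose() and so is author-controlled, and it should go through `$wpdb->escape()` before the query, with `%` and `_` escaped for the LIKE pattern as well, e.g. `$url_db = $wpdb->escape(addcslashes($url, '%_'));`. The escaped `$type` is also the value compared against `$allowed_types` and concatenated into `$meta_value`, so escape a copy for the SQL only and keep the raw header for the allow-list check and the stored value. do_enclose()'s body continues outside the hunk.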
@@ -1882,11 +1882,13 @@ function load_template($file) {
 }
 function add_magic_quotes($array) {
+ global $wpdb;
+
 foreach ($array as $k => $v) {
 if (is_array($v)) {
 $array[$k] = add_magic_quotes($v);
 } else {
- $array[$k] = addslashes($v);
+ $array[$k] = $wpdb->escape($v);
 }
 }
 return $array;
diff --git a/wp-settings.php b/wp-settings.php
index 686e259fca..86db740bfd 100644
--- a/wp-settings.php
+++ b/wp-settings.php
@@ -136,13 +136,20 @@ load_default_textdomain();
 // Pull in locale data after loading text domain.
 require_once(ABSPATH . WPINC . '/locale.php');
-if ( !get_magic_quotes_gpc() ) {
- $_GET = add_magic_quotes($_GET );
- $_POST = add_magic_quotes($_POST );
- $_COOKIE = add_magic_quotes($_COOKIE);
- $_SERVER = add_magic_quotes($_SERVER);
+// If already slashed, strip.
+if ( get_magic_quotes_gpc() ) {
+ $_GET = stripslashes($_GET );
+ $_POST = stripslashes($_POST );
+ $_COOKIE = stripslashes($_COOKIE);
+ $_SERVER = stripslashes($_SERVER);
 }
+// Escape with wpdb.
+$_GET = add_magic_quotes($_GET );
+$_POST = add_magic_quotes($_POST );
+$_COOKIE = add_magic_quotes($_COOKIE);
+$_SERVER = add_magic_quotes($_SERVER);
+
 function shutdown_action_hook() {
 do_action('shutdown');
 }
diff --git a/xmlrpc.php b/xmlrpc.php
index baa93930ca..a00abc0199 100644
--- a/xmlrpc.php
+++ b/xmlrpc.php
@@ -1249,7 +1249,7 @@ class wp_xmlrpc_server extends IXR_Server {
 $context = '[...] ' . wp_specialchars( $excerpt ) . ' [...]';
 $original_pagelinkedfrom = $pagelinkedfrom;
- $pagelinkedfrom = addslashes( $pagelinkedfrom );
+ $pagelinkedfrom = $wpdb->escape( $pagelinkedfrom );
 $original_title = $title;
 $comment_post_ID = $post_ID;
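Review bot: `add_magic_quotes()` now performs SQL escaping through `$wpdb->escape()` but keeps a name that describes the old magic-quotes emulation and has no docblock, so a reader will assume it still adds slashes; add a header stating the real contract, e.g. `// Recursively SQL-escape every scalar leaf of $array with $wpdb->escape(); keys are left untouched. Requires $wpdb to be constructed before the first call.` Non-string leaves (ints, bools, nulls such as those in `$_SERVER`) are handed to `$wpdb->escape()` as-is, which is fine only if it coerces them to string — worth confirming against the wpdb implementation, which is not on this page. The function's closing brace is outside the hunk.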
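Review bot: `$_GET = stripslashes($_GET );` and the three lines after it pass arrays to `stripslashes()`, which takes a string; under PHP 5 that emits a warning and assigns `null` (under PHP 4 the array collapses to the string `Array`), so on any server with `magic_quotes_gpc` enabled every request arrives with its `$_GET`, `$_POST`, `$_COOKIE` and `$_SERVER` wiped and the `add_magic_quotes()` calls below then iterate over a non-array. The strip has to recurse the way `add_magic_quotes()` does; a small helper that maps over arrays and calls `stripslashes()` on scalars, applied to each superglobal, is sketched below. Escaping `$_SERVER` in place also means values such as `REQUEST_URI` or `HTTP_HOST` are SQL-escaped strings wherever they are read later, which predates this commit but deserves a comment now that the escaping is unconditional. The block assumes `$wpdb` is constructed earlier in wp-settings.php; the require order is not visible in the hunk.
```php
// Recursively strip magic-quotes slashes; mirrors add_magic_quotes().
function stripslashes_deep($value) {
    if (is_array($value)) {
        foreach ($value as $k => $v) {
            $value[$k] = stripslashes_deep($v);
        }
        return $value;
    }
    return stripslashes($value);
}

// If already slashed, strip.
if ( get_magic_quotes_gpc() ) {
    $_GET    = stripslashes_deep($_GET);
    $_POST   = stripslashes_deep($_POST);
    $_COOKIE = stripslashes_deep($_COOKIE);
    $_SERVER = stripslashes_deep($_SERVER);
}
// … unchanged: add_magic_quotes() calls …
```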
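Review bot: `$title` is captured from the remote page alongside `$pagelinkedfrom` (see the context line `$original_title = $title;`) but is not escaped in this hunk; if it is interpolated into the pingback comment INSERT further down, it needs the same treatment as the URL, `$title = $wpdb->escape( $title );` next to the pagelinkedfrom line, with `$original_title` kept for display. The same applies to `$context`, which is HTML-escaped through `wp_specialchars()` on the first context line but not SQL-escaped. The pingback handler's body continues outside the hunk, so this is inferred from the `$original_*` naming and the handler's use of `$comment_post_ID`.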