Skip to:
Content

BuddyPress.org

Changeset 7868


Ignore:
Timestamp:
02/14/2014 01:24:19 AM (6 years ago)
Author:
boonebgorges
Message:

Don't run meta_value through esc_sql() in bp_blogs_update_blogmeta()

The necessary sanitization happens in $wpdb, and the esc_sql() re-adds slashes
that were removed by stripslashes(). Fixing this bug just in time to refactor
it out :)

See #4551

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-blogs/bp-blogs-functions.php

    r7577 r7868  
    930930
    931931    if ( is_string($meta_value) )
    932         $meta_value = stripslashes( esc_sql( $meta_value ) );
     932        $meta_value = stripslashes( $meta_value );
    933933
    934934    $meta_value = maybe_serialize($meta_value);
Note: See TracChangeset for help on using the changeset viewer.