[wp-trac] [WordPress Trac] #14516: Must stripslash input fields for db install
WordPress Trac
wp-trac at lists.automattic.com
Tue Aug 3 12:29:29 UTC 2010
#14516: Must stripslash input fields for db install
-----------------------------+----------------------------------------------
Reporter: johanee | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version: 3.0.1
Severity: normal | Keywords:
-----------------------------+----------------------------------------------
During WordPress database install we must stripslash the input fields.
For database name, database username and database password \, ', and " are
valid characters. For dbhost "strange" characters probably aren't valid,
but we should handle it correctly anyway.
For prefix there is no need to stripslash as we immediately make sure it
only contains letters, numbers and underscores. (mysql allows other
characters, but it is probably wise to limit it anyway).
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14516>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list