[wp-meta] [Making WordPress.org] #1856: Attendance UI search does not handle apostrophes
Making WordPress.org
noreply at wordpress.org
Thu Jun 1 00:09:11 UTC 2017
#1856: Attendance UI search does not handle apostrophes
-------------------------------------+------------------------
Reporter: johneckman | Owner: kovshenin
Type: defect | Status: closed
Priority: normal | Milestone:
Component: WordCamp Site & Plugins | Resolution: fixed
Keywords: has-patch |
-------------------------------------+------------------------
Changes (by coreymckrill):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"5531"]:
{{{
#!CommitTicketReference repository="" revision="5531"
WordCamp: Handle apostrophes in Camptix Attendance UI

Apostrophes in the search string are getting escaped when they are first
submitted, which means they are getting escaped again when they go
through `$wpdb->prepare` etc. So strings that have an apostrophe (like
"O'Brien") will not turn up the expected results in the query.

This fixes the issue by stripping slashes before the string goes through
`esc_like` and `$wpdb->prepare`. It uses `wp_unslash` instead of the
`stripslashes` in the original patch simply because using WP-specific
versions of functions is a best practice.

Stripping slashes in this instance doesn't cause a vulnerability because
the escaping is handled again later by `esc_like` and `$wpdb->prepare`.

Props jeffSLOfish
Fixes #1856
}}}
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/1856#comment:5>
Making WordPress.org <https://meta.trac.wordpress.org/>
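
The double-escaping described in the commit message, as an added stand-alone example (not the Camptix or WordCamp code). Assumptions: PDO with an in-memory SQLite database stands in for `$wpdb`, the three helper functions are simplified stand-ins for WordPress's request slashing, `wp_unslash` and `esc_like`, and the `attendees` table and its rows are constructed.

```php
<?php
// Stand-ins for the WordPress pieces named in the commit message, so this
// runs without WordPress. PDO/SQLite replaces $wpdb (assumption).

// WordPress adds slashes to request data on load; addslashes() models that.
function simulate_request_slashing(string $raw): string {
    return addslashes($raw);
}

// For a plain string, wp_unslash() amounts to stripslashes().
function unslash(string $value): string {
    return stripslashes($value);
}

// Like $wpdb->esc_like(): escape the LIKE wildcards and the backslash itself.
function esc_like(string $text): string {
    return addcslashes($text, '_%\\');
}

// Parameter binding plays the role of $wpdb->prepare(): the term is bound
// as data and never becomes part of the SQL text.
function search_attendees(PDO $db, string $term): array {
    $stmt = $db->prepare(
        "SELECT name FROM attendees WHERE name LIKE :term ESCAPE '\\'"
    );
    $stmt->execute([':term' => '%' . esc_like($term) . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE attendees (name TEXT)');
$insert = $db->prepare('INSERT INTO attendees (name) VALUES (?)');
foreach (["Pat O'Brien", 'Sam Obrien', '100% Coverage'] as $name) { // constructed rows
    $insert->execute([$name]);
}

$submitted = simulate_request_slashing("O'Brien"); // slashed, as the handler receives it

// Before the fix: the slashed value goes straight to esc_like(), which escapes
// the added backslash, so the pattern looks for a literal backslash in the name.
var_dump(search_attendees($db, $submitted));

// After the fix: unslash first, then let esc_like() and binding do the escaping.
var_dump(search_attendees($db, unslash($submitted)));

// Unslashing does not weaken the LIKE escaping: a bare "%" is still a literal.
var_dump(search_attendees($db, unslash(simulate_request_slashing('%'))));
```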