[wp-trac] Re: [WordPress Trac] #5455: Charset SQL Injection Vulnerability

WordPress Trac wp-trac at lists.automattic.com
Wed Dec 12 10:52:26 GMT 2007

#5455: Charset SQL Injection Vulnerability
 Reporter:  pishmishy  |        Owner:  pishmishy
     Type:  defect     |       Status:  assigned 
 Priority:  normal     |    Milestone:  2.5      
Component:  Security   |      Version:  2.4      
 Severity:  normal     |   Resolution:           
 Keywords:             |  
Comment (by ryan):

 We tried mysql_real_escape_string() some time ago and it caused lots of
 problems.  That was before mysql_set_charset() came along, however. I
 think if mysql_set_charset() is available and DB_CHARSET is set, we can
 safely use mysql_real_escape_string().

 Let's try something like this. In wpdb::__construct(), call
 mysql_set_charset(), if it exists, instead of SET NAMES.  Flag the fact
 that we've called mysql_set_charset().  Check this flag in wpdb::escape()
 and call mysql_real_escape_string() if the charset was set with
 mysql_set_charset().  If the charset was set with SET NAMES or not set at
 all, use addslashes().

Ticket URL: <http://trac.wordpress.org/ticket/5455#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list