[wp-trac] [WordPress Trac] #6640: Login should use DB prepare
method on user input
WordPress Trac
wp-trac at lists.automattic.com
Tue Apr 8 15:51:25 GMT 2008
#6640: Login should use DB prepare method on user input
----------------------+-----------------------------------------------------
Reporter: filosofo | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.6
Component: General | Version:
Severity: normal | Keywords: wp-login wpdb prepare mysql has-patch
----------------------+-----------------------------------------------------
I noticed that wp-login.php runs DB queries from user-inputted data that
is sanitized in an ad hoc manner. If for no other reason than
consistency, it seems to me that all such queries should use the prepare
method, as this patch does.
--
Ticket URL: <http://trac.wordpress.org/ticket/6640>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list