[wp-trac] [WordPress Trac] #5901: Inconsistent user option name
sanitization
WordPress Trac
wp-trac at lists.automattic.com
Mon Feb 18 18:19:19 GMT 2008
#5901: Inconsistent user option name sanitization
----------------------+-----------------------------------------------------
Reporter: filosofo | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.5
Component: General | Version: 2.5
Severity: normal | Keywords: update_user_option get_user_option has-patch sanitization
----------------------+-----------------------------------------------------
{{{update_user_option}}} sanitizes the option name, because it sends the
option to {{{update_usermeta}}} which does the sanitizing. However,
{{{get_user_option}}} doesn't sanitize the option name before checking
whether the option is among the userdata. So, if your option name has
non-kosher characters, you'll never be able to retrieve it using
{{{get_user_option}}}.
The attached patch sanitizes the option in {{{get_user_option}}}.
--
Ticket URL: <http://trac.wordpress.org/ticket/5901>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list