[wp-trac] [WordPress Trac] #6227: wp_insert_post should check the
return value of $wpdb->query or use $wpdb->query
WordPress Trac
wp-trac at lists.automattic.com
Fri Mar 14 21:38:48 GMT 2008
#6227: wp_insert_post should check the return value of $wpdb->query or use
$wpdb->query
-----------------------+----------------------------------------------------
Reporter: BenDeRydt | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.3.4
Component: General | Version:
Severity: normal | Keywords:
-----------------------+----------------------------------------------------
I'd tried using {{{wp_insert_post}}} as described in
[http://codex.wordpress.org/Function_Reference/wp_insert_post the function
reference]. This caused major problems with `post_content` like
--'''{{{it's a rainy day}}}'''-- because:
a. {{{wp_insert_post}}} does not escape its query parameters
b. it does not check the return value of {{{$wpdb->query}}}
This meant that I got a perfectly innocent ID in return which I used in
other tables but there never was a post with this ID in the actual
{{{wp_posts}}} table. Worst of all, WordPress cached some info of this
post in its postcache, meaning I got a half finished post on the frontpage
of my blog but no way to link to it.
--
Ticket URL: <http://trac.wordpress.org/ticket/6227>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list