[wp-trac] [WordPress Trac] #11819: Use mysql_real_escape_string instead of addslashes
WordPress Trac
wp-trac at lists.automattic.com
Fri Jan 8 13:01:57 UTC 2010
#11819: Use mysql_real_escape_string instead of addslashes
--------------------------+-------------------------------------------------
Reporter: hakre | Owner: ryan
Type: defect (bug) | Status: reopened
Priority: high | Milestone:
Component: Security | Version: 2.5
Severity: critical | Resolution:
Keywords: dev-feedback |
--------------------------+-------------------------------------------------
Changes (by hakre):
* status: closed => reopened
* resolution: invalid =>
Comment:
I reopen since the closing argumentation by ryan does not apply for many
installations reg. PHP and MYSQL version. Additionally as Denis pointed
to, the actual usage of those functions should be taken into account.
Correctly spoken, this ticket is a regression of what was reported in
#1394. To be fair, the old ticket should be reopened (because the changes
which fixed the issue were removed) and this ticket should then be closed
as a duplicate. Just as a sidenote.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11819#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list