WordPress.org

Plugin Directory

Changeset 680032


Ignore:
Timestamp:
03/11/13 21:27:53 (13 months ago)
Author:
liedekef
Message:

more compliant WP code used for escaping

File:
1 edited

Legend:

Unmodified
Added
Removed
  • events-made-easy/trunk/events-manager.php

    r676190 r680032  
    335335         $old_blog = $wpdb->blogid; 
    336336         // Get all blog ids 
    337          $blogids = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM $wpdb->blogs")); 
     337         $blogids = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM %s",$wpdb->blogs)); 
    338338         foreach ($blogids as $blog_id) { 
    339339            switch_to_blog($blog_id); 
     
    15291529 
    15301530function eme_sanitize_request( $value ) { 
    1531 #  if( get_magic_quotes_gpc() )  
    1532 #     $value = stripslashes( $value ); 
    1533  
    1534    //check if this function exists 
    1535    if( function_exists( "mysql_real_escape_string" ) ) { 
    1536       //$value = mysql_real_escape_string( $value ); 
    1537       if (is_array($value)) { 
    1538          array_walk_recursive($value, 'escapeMe'); 
    1539       } else { 
    1540          $value = mysql_real_escape_string($value); 
    1541       } 
     1531   global $wpdb; 
     1532   if (is_array($value)) { 
     1533      array_walk_recursive($value, 'escapeMe'); 
    15421534   } else { 
    1543       //for PHP version < 4.3.0 use addslashes 
    1544       $value = addslashes( $value ); 
     1535      $value = $wpdb->escape($value); 
    15451536   } 
    15461537   return $value; 
     
    15481539 
    15491540function escapeMe(&$val) { 
    1550    $val = mysql_real_escape_string($val); 
     1541   global $wpdb; 
     1542   $val = $wpdb->escape($val); 
    15511543} 
    15521544 
Note: See TracChangeset for help on using the changeset viewer.