
Delay Trackback data escaping until after mb_convert_encoding(). Props to Stefan Esser.

git-svn-id: http://svn.automattic.com/wordpress/trunk@4676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
1 parent 6befacf commit b7371396c3c14e78a1c07d69dc0463b04a9bea90 markjaquith committed Jan 5, 2007
Showing with 12 additions and 5 deletions.
  1. +12 −5 wp-trackback.php
@@ -30,11 +30,13 @@ function trackback_response($error = 0, $error_message = '') {
$tb_id = intval( $tb_id[ count($tb_id) - 1 ] );
}
-$tb_url = $_POST['url'];
-$title = $_POST['title'];
-$excerpt = $_POST['excerpt'];
-$blog_name = $_POST['blog_name'];
-$charset = $_POST['charset'];
+$tb_url = $_POST['url'];
+$charset = $_POST['charset'];
+
+// These three are stripslashed here so that they can be properly escaped after mb_convert_encoding()
+$title = stripslashes($_POST['title']);
+$excerpt = stripslashes($_POST['excerpt']);
+$blog_name = stripslashes($_POST['blog_name']);
if ($charset)
$charset = strtoupper( trim($charset) );
@@ -47,6 +49,11 @@ function trackback_response($error = 0, $error_message = '') {
$blog_name = mb_convert_encoding($blog_name, get_option('blog_charset'), $charset);
}
+// Now that mb_convert_encoding() has been given a swing, we need to escape these three
+$title = $wpdb->escape($title);
+$excerpt = $wpdb->escape($excerpt);
+$blog_name = $wpdb->escape($blog_name);
+
if ( is_single() || is_page() )
$tb_id = $posts[0]->ID;
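Review bot: `$charset` on L23 remains attacker-controlled and, after only `strtoupper(trim())`, is used as the source encoding for `mb_convert_encoding()`, so a bogus or unexpected encoding name decides what bytes `$wpdb->escape()` sees on L35-L37; it should be checked against an allow-list of encodings the site accepts, or the conversion should fall back to the default list when it fails (the `if` guarding the conversion and any fallback branch lie outside the hunk). The reordering itself is the right fix: escaping the post-conversion bytes is what stops the conversion from consuming an escaping backslash. Two things are worth confirming from code not shown here: that `$wpdb->escape()` escapes with the connection charset rather than a plain `addslashes()`, since the latter can still be defeated by a multibyte `blog_charset` such as GBK or SJIS, and that `$tb_url` on L22, which this hunk neither strips nor escapes, is escaped before it reaches a query. Assuming the slashes being removed come from WordPress's global slashing of `$_POST`, the comment on L25 would be clearer stating that, e.g. `// $_POST is presumably already slashed on input; undo that so the data is escaped exactly once, after the encoding conversion below`.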
