[wp-cvs] wordpress/wp-admin categories.php,1.35,1.36
Ryan Boren
rboren at users.sourceforge.net
Sat Jul 24 03:55:34 UTC 2004
Update of /cvsroot/cafelog/wordpress/wp-admin
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv18389
Modified Files:
categories.php
Log Message:
More addslashes/stripslashes elimination.
Index: categories.php
===================================================================
RCS file: /cvsroot/cafelog/wordpress/wp-admin/categories.php,v
retrieving revision 1.35
retrieving revision 1.36
diff -C2 -d -r1.35 -r1.36
*** categories.php 24 Jul 2004 03:39:21 -0000 1.35
--- categories.php 24 Jul 2004 03:55:31 -0000 1.36
***************
*** 47,54 ****
die (__('Cheatin’ uh?'));
! $cat_name= addslashes(stripslashes(stripslashes($_POST['cat_name'])));
$cat_ID = $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories ORDER BY cat_ID DESC LIMIT 1") + 1;
$category_nicename = sanitize_title($cat_name, $cat_ID);
! $category_description = addslashes(stripslashes(stripslashes($_POST['category_description'])));
$cat = intval($_POST['cat']);
--- 47,54 ----
die (__('Cheatin’ uh?'));
! $cat_name= $_POST['cat_name'];
$cat_ID = $wpdb->get_var("SELECT cat_ID FROM $wpdb->categories ORDER BY cat_ID DESC LIMIT 1") + 1;
$category_nicename = sanitize_title($cat_name, $cat_ID);
! $category_description = $_POST['category_description'];
$cat = intval($_POST['cat']);
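Review bot: `$cat_name` and `$category_description` are now assigned straight from `$_POST` with no escaping left in this file, and the same change at 125,132 feeds both values into the visible `UPDATE` string. Whether that is injectable depends on request data being slashed before this code runs, which nothing in these hunks shows. If that is the contract, state it at the assignment, e.g. `// $_POST arrives already slashed (confirm where); do not unslash before building SQL`; otherwise keep `$wpdb->escape()` at the point where the query is built. The INSERT that consumes these values in this branch is outside the hunk.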
***************
*** 68,72 ****
$cat_ID = intval($_GET["cat_ID"]);
$cat_name = get_catname($cat_ID);
- $cat_name = addslashes($cat_name);
$category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
$cat_parent = $category->category_parent;
--- 68,71 ----
***************
*** 91,95 ****
$cat_ID = intval($_GET['cat_ID']);
$category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
! $cat_name = stripslashes($category->cat_name);
?>
--- 90,94 ----
$cat_ID = intval($_GET['cat_ID']);
$category = $wpdb->get_row("SELECT * FROM $wpdb->categories WHERE cat_ID = '$cat_ID'");
! $cat_name = $category->cat_name;
?>
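Review bot: `$cat_name` now holds the stored category name verbatim immediately before the script drops to HTML at `?>`, so whatever prints it next must escape for the HTML context itself. That output is outside the hunk, so this is a request to confirm rather than a confirmed defect; if the name lands in a form field, something like `htmlspecialchars($cat_name, ENT_QUOTES)` at the echo would cover quotes and angle brackets. Rows written by earlier revisions may also have been stored with a different slashing convention, so it is worth checking how names containing quotes or backslashes display after this change.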
***************
*** 126,133 ****
die (__('Cheatin’ uh?'));
! $cat_name = $wpdb->escape(stripslashes($_POST['cat_name']));
$cat_ID = (int) $_POST['cat_ID'];
$category_nicename = sanitize_title($cat_name, $cat_ID);
! $category_description = $wpdb->escape(stripslashes($_POST['category_description']));
$wpdb->query("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$cat' WHERE cat_ID = '$cat_ID'");
--- 125,132 ----
die (__('Cheatin’ uh?'));
! $cat_name = $_POST['cat_name'];
$cat_ID = (int) $_POST['cat_ID'];
$category_nicename = sanitize_title($cat_name, $cat_ID);
! $category_description = $_POST['category_description'];
$wpdb->query("UPDATE $wpdb->categories SET cat_name = '$cat_name', category_nicename = '$category_nicename', category_description = '$category_description', category_parent = '$cat' WHERE cat_ID = '$cat_ID'");
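Review bot: `category_parent = '$cat'` is interpolated into the `UPDATE`, but `$cat` is not assigned anywhere in this hunk, whereas the add path at 47,54 casts it with `intval($_POST['cat'])`. If it reaches this branch as a raw request value, the quoting alone does not constrain it; assuming it comes from the same field, mirror the add path with `$cat = intval($_POST['cat']);` before the query. The branch starts above the hunk, so the assignment may already exist there.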