Ticket #4690: 4690.diff

wp-includes/functions.php

@@ -179 +179 @@
-
-function get_option($setting) {
-        global $wpdb;
+        
+        $setting = $wpdb->escape($setting);
-
-        // Allow plugins to short-circuit options.
-        $pre = apply_filters( 'pre_option_' . $setting, false ); 
@@ -364 +366 @@
-
-function delete_option($name) {
-        global $wpdb;
+        
+        $name = $wpdb->escape($name);
-
-        wp_protect_special_option($name);
-