Changeset 5829
- Timestamp:
- 08/01/07 19:14:10 (1 year ago)
- Files:
-
- trunk/wp-includes/functions.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/wp-includes/functions.php
r5820 r5829 178 178 /* Options functions */ 179 179 180 // expects $setting to already be SQL-escaped 180 181 function get_option($setting) { 181 182 global $wpdb; … … 277 278 } 278 279 280 // expects $option_name to NOT be SQL-escaped 279 281 function update_option($option_name, $newvalue) { 280 282 global $wpdb; … … 282 284 wp_protect_special_option($option_name); 283 285 286 $safe_option_name = $wpdb->escape($option_name); 284 287 $newvalue = sanitize_option($option_name, $newvalue); 285 288 … … 288 291 289 292 // If the new and old values are the same, no need to update. 290 $oldvalue = get_option($ option_name);293 $oldvalue = get_option($safe_option_name); 291 294 if ( $newvalue === $oldvalue ) { 292 295 return false; … … 326 329 327 330 // thx Alex Stapleton, http://alex.vort-x.net/blog/ 331 // expects $name to NOT be SQL-escaped 328 332 function add_option($name, $value = '', $description = '', $autoload = 'yes') { 329 333 global $wpdb; 330 334 331 335 wp_protect_special_option($name); 336 $safe_name = $wpdb->escape($name); 332 337 333 338 // Make sure the option doesn't already exist. We can check the 'notoptions' cache before we ask for a db query 334 339 $notoptions = wp_cache_get('notoptions', 'options'); 335 340 if ( !is_array($notoptions) || !isset($notoptions[$name]) ) 336 if ( false !== get_option($ name) )341 if ( false !== get_option($safe_name) ) 337 342 return; 338 343
