authordonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2008-06-13 17:21:00 +0000
committerdonncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>2008-06-13 17:21:00 +0000
commit12de05107e4c8b006bde6ee8916f34eb476d08da (patch)
tree123ee54ecd1f3f777373b7df54a4604012d43640 /wp-admin/includes/bookmark.php
parente51c7a9ca4bfdb45fa3ec7334bd33871e78c68b1 (diff)
WP Merge with revision 8075
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1328 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin/includes/bookmark.php')
-rw-r--r--wp-admin/includes/bookmark.php19
1 files changed, 9 insertions, 10 deletions
diff --git a/wp-admin/includes/bookmark.php b/wp-admin/includes/bookmark.php
index 2cae3b5..b48d313 100644
--- a/wp-admin/includes/bookmark.php
+++ b/wp-admin/includes/bookmark.php
@@ -47,7 +47,7 @@ function wp_delete_link($link_id) {
wp_delete_object_term_relationships($link_id, 'link_category');
- $wpdb->query("DELETE FROM $wpdb->links WHERE link_id = '$link_id'");
+ $wpdb->query( $wpdb->prepare("DELETE FROM $wpdb->links WHERE link_id = %d", $link_id) );
do_action('deleted_link', $link_id);
@@ -73,7 +73,7 @@ function wp_insert_link($linkdata) {
$linkdata = wp_parse_args($linkdata, $defaults);
$linkdata = sanitize_bookmark($linkdata, 'db');
- extract($linkdata, EXTR_SKIP);
+ extract(stripslashes_deep($linkdata), EXTR_SKIP);
$update = false;
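Review bot: `extract(stripslashes_deep($linkdata), EXTR_SKIP)` now places unslashed values in local scope, so every later use of `$link_url`, `$link_name` and the other extracted fields in SQL has to go through `$wpdb->prepare()`. The two queries in the hunk at -119 do that, but the part of wp_insert_link between this line and that hunk is not visible here and should be checked for any query that still interpolates these variables. A comment at this line would record the dependency: `// Values are unslashed from here on; pass them to SQL only through $wpdb->prepare().` extract() also turns every key of the caller-supplied array into a local variable, which EXTR_SKIP limits only for names already defined, so explicit assignment of the expected keys would be easier to audit.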
@@ -119,15 +119,14 @@ function wp_insert_link($linkdata) {
}
if ( $update ) {
- $wpdb->query("UPDATE $wpdb->links SET link_url='$link_url',
- link_name='$link_name', link_image='$link_image',
- link_target='$link_target',
- link_visible='$link_visible', link_description='$link_description',
- link_rating='$link_rating', link_rel='$link_rel',
- link_notes='$link_notes', link_rss = '$link_rss'
- WHERE link_id='$link_id'");
+ $wpdb->query( $wpdb->prepare("UPDATE $wpdb->links SET link_url = %s,
+ link_name = %s, link_image = %s, link_target = %s,
+ link_visible = %s, link_description = %s, link_rating = %s,
+ link_rel = %s, link_notes = %s, link_rss = %s
+ WHERE link_id = %s", $link_url, $link_name, $link_image, $link_target, $link_visible, $link_description, $link_rating, $link_rel, $link_notes, $link_rss, $link_id) );
} else {
- $wpdb->query("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES('$link_url','$link_name', '$link_image', '$link_target', '$link_description', '$link_visible', '$link_owner', '$link_rating', '$link_rel', '$link_notes', '$link_rss')");
+ $wpdb->query( $wpdb->prepare("INSERT INTO $wpdb->links (link_url, link_name, link_image, link_target, link_description, link_visible, link_owner, link_rating, link_rel, link_notes, link_rss) VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
+ $link_url,$link_name, $link_image, $link_target, $link_description, $link_visible, $link_owner, $link_rating, $link_rel, $link_notes, $link_rss) );
$link_id = (int) $wpdb->insert_id;
}
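Review bot: The UPDATE binds `$link_id` as a string in `WHERE link_id = %s`, while wp_delete_link in the first hunk binds the same column with `%d`. Using `WHERE link_id = %d` here would force an integer in PHP rather than leaving the coercion of a quoted string to the database, and the same may apply to `link_rating` and `link_owner` if those columns are numeric, which the hunk does not show. Separately, neither `$wpdb->query()` result is checked, so after a failed INSERT the line `$link_id = (int) $wpdb->insert_id;` would presumably produce 0 and the code after the hunk would carry on with it. Testing the result with `false === $wpdb->query( ... )` before reading `insert_id` would let the function stop at that point.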