This commit does the following:
Fix possible rDNS SQL injection (gethostbyaddr() - tough but possible to do; definitely not low-hanging fruit). Use $wpdb->prepare() where appropriate. Use esc_sql() instead of addslashes(). Whitelist ORDER BY and SORT BY SQL injection vectors.
This commit does the following: Fix possible rDNS SQL injection (gethostbyaddr() - tough but possible to do; definitely not low-hanging fruit). Use $wpdb->prepare() where appropriate. Use esc_sql() instead of addslashes(). Whitelist ORDER BY and SORT BY SQL injection vectors.