Closed GoogleCodeExporter closed 8 years ago
Holy crap, someone is melodramatic. Did you even try this patch? It throws up a
bunch of warnings. We're not even using the mysql extension. Also, that would
give inconsistent behavior depending on whether magic quotes is on or not. I
committed a different change. The DB character set is utf8 anyway, which
addslashes is not vulnerable with. I guess it's worth changing anyway, in case
that changes in the future.
Original comment by sproctor@gmail.com
on 14 Jul 2012 at 4:33
Original comment by sproctor@gmail.com
on 16 Jul 2012 at 12:38
Original issue reported on code.google.com by
brandonk...@gmail.com
on 14 Jul 2012 at 5:02Attachments: