For some reason, slashes are being added to blog titles and user comments wherever single-quotes (') are used. We have turned off magic quotes and the problem persists.
For some reason, slashes are being added to blog titles and user comments wherever single-quotes (') are used. We have turned off magic quotes and the problem persists.
You may have missed this when you searched the forums:
Thanks. Glad to know that there is an open ticket.
Actually, NOT fixed. Blog titles is the issue, not the site name.
Fixed the issue. It was a plugin for the homepage to pull the most recent posts. The database apparently stores addslashes() data. IMO, this is a WP BUG that needs to be fixed. The database should only store pure, binary data.
Nope not a WP bug, sorry. Something is adding an extra "add slashes" in there somewhere and isn't removing it at the end. Try it again with all your plugins disabled and see if it still does it.
If it was a WP bug, then I think a LOT or people would be shouting.
I'm a complete Wordpress/Wordpress MU newbie (but not new to PHP) with the same problem.
My understanding (from looking at the coding standards and the code) is that:
Therefore the net result is that whether or not magic quotes are on the results will be the same: $_POST data will have escaped quotes.
So anything in MU that uses $_POST should unescape the data before storing it.
The fix (for me anyway) was to find
case "updateblog"
and replace
`foreach ( (array) $_POST['option'] as $key => $val ) {
if( $c == $count ) {`
with
`foreach ( (array) $_POST['option'] as $key => $val ) {
$key = stripslashes($key);
$val = stripslashes($val);
if( $c == $count ) {`
I also discovered that the way Wordpress checks for data being unchanged means that if the only change you make is to remove a slash then Wordpress will think nothing changed and not store it in the database, so I had to change "Mark\'s Blog" to "Mark's Blog!" to make it change.
Hope that helps someone!
PS: I think this is NOT a WP bug, but IS a WPMU bug. But I've not been here long enough to know for sure? It's only when something doesn't strip slashes when it takes data from the database that it would notice though (as is the case with the plugin mentioned above). Most of the WP/WPMU code seems to do that, but it is still a bug (imho) to be storing the slashes in the database regardless of whether most of the code will invisibly correct it. I haven't worked out yet how I would store \' if I actually wanted to (maybe if I wanted to blog this thread, for example).