Use preg_quote() to make spam words regex safe.

git-svn-id: https://develop.svn.wordpress.org/trunk@1896 602fd350-edb4-49c9-b593-d223f7449a82
2026-06-28 22:30:04 +00:00 · 2004-11-28 05:24:09 +00:00
parent 8a53bdc06d
commit d26e718453
1 changed files with 1 additions and 1 deletions
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1732,7 +1732,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) {

 		// Do some escaping magic so that '#' chars in the 
 		// spam words don't break things:
-		$word = preg_replace('/(\\\\|#)/','\\\\$1',$word);
+		$word = preg_quote($word, '#');
 		
 		$pattern = "#$word#i"; 
 		if ( preg_match($pattern, $author) ) return false;