From 4e6574f0ac9d1bc2bb38be89c10cc858785335c0 Mon Sep 17 00:00:00 2001
From: nacin <nacin@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Mon, 10 May 2010 20:51:58 +0000
Subject: [PATCH] Revert patch for expecting unslashed data in the metadata
 API. Had snuck in with [14546]. see #12416.

git-svn-id: http://svn.automattic.com/wordpress/trunk@14547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/meta.php | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/wp-includes/meta.php b/wp-includes/meta.php
index 2b359f6df..582e3307e 100644
--- a/wp-includes/meta.php
+++ b/wp-includes/meta.php
@@ -21,7 +21,7 @@
  *
  * @param string $meta_type Type of object metadata is for (e.g., comment, post, or user)
  * @param int $object_id ID of the object metadata is for
- * @param string $meta_key Metadata key. Expected unslashed.
+ * @param string $meta_key Metadata key
  * @param string $meta_value Metadata value
  * @param bool $unique Optional, default is false.  Whether the specified metadata key should be
  * 		unique for the object.  If true, and the object already has a value for the specified
@@ -42,6 +42,9 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique =
 
 	$column = esc_sql($meta_type . '_id');
 
+	// expected_slashed ($meta_key)
+	$meta_key = stripslashes($meta_key);
+
 	if ( $unique && $wpdb->get_var( $wpdb->prepare(
 		"SELECT COUNT(*) FROM $table WHERE meta_key = %s AND $column = %d",
 		$meta_key, $object_id ) ) )
@@ -79,7 +82,7 @@ function add_metadata($meta_type, $object_id, $meta_key, $meta_value, $unique =
  *
  * @param string $meta_type Type of object metadata is for (e.g., comment, post, or user)
  * @param int $object_id ID of the object metadata is for
- * @param string $meta_key Metadata key. Expected unslashed.
+ * @param string $meta_key Metadata key
  * @param string $meta_value Metadata value
  * @param string $prev_value Optional.  If specified, only update existing metadata entries with
  * 		the specified value.  Otherwise, update all entries.
@@ -100,6 +103,9 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
 	$column = esc_sql($meta_type . '_id');
 	$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
 
+	// expected_slashed ($meta_key)
+	$meta_key = stripslashes($meta_key);
+
 	if ( ! $meta_id = $wpdb->get_var( $wpdb->prepare( "SELECT $id_column FROM $table WHERE meta_key = %s AND $column = %d", $meta_key, $object_id ) ) )
 		return add_metadata($meta_type, $object_id, $meta_key, $meta_value);
 
@@ -137,7 +143,7 @@ function update_metadata($meta_type, $object_id, $meta_key, $meta_value, $prev_v
  *
  * @param string $meta_type Type of object metadata is for (e.g., comment, post, or user)
  * @param int $object_id ID of the object metadata is for
- * @param string $meta_key Metadata key. Expected unslashed.
+ * @param string $meta_key Metadata key
  * @param string $meta_value Optional. Metadata value.  If specified, only delete metadata entries
  * 		with this value.  Otherwise, delete all entries with the specified meta_key.
  * @param bool $delete_all Optional, default is false.  If true, delete matching metadata entries
@@ -159,7 +165,8 @@ function delete_metadata($meta_type, $object_id, $meta_key, $meta_value = '', $d
 
 	$type_column = esc_sql($meta_type . '_id');
 	$id_column = 'user' == $meta_type ? 'umeta_id' : 'meta_id';
-
+	// expected_slashed ($meta_key)
+	$meta_key = stripslashes($meta_key);
 	$meta_value = maybe_serialize( stripslashes_deep($meta_value) );
 
 	$query = $wpdb->prepare( "SELECT $id_column FROM $table WHERE meta_key = %s", $meta_key );