Check it if matches before serializing, because get_option de-serializes. Hat tip: Donncha.

git-svn-id: https://develop.svn.wordpress.org/trunk@2715 602fd350-edb4-49c9-b593-d223f7449a82

wp-includes/functions.php

@@ -327,21 +327,22 @@ function get_alloptions() {
 
 function update_option($option_name, $newvalue) {
 	global $wpdb, $cache_settings;
-	if ( is_array($newvalue) || is_object($newvalue) )
-		$newvalue = serialize($newvalue);
 
 	$newvalue = trim($newvalue); // I can't think of any situation we wouldn't want to trim
 
 	// If the new and old values are the same, no need to update.
-    if ($newvalue == get_option($option_name)) {
+	if ( $newvalue == get_option($option_name) )
 		return true;
-    }
+
+	if ( is_array($newvalue) || is_object($newvalue) )
+		$newvalue = serialize($newvalue);
 
 	// If it's not there add it
 	if ( !$wpdb->get_var("SELECT option_name FROM $wpdb->options WHERE option_name = '$option_name'") )
 		add_option($option_name);
 
 	$newvalue = $wpdb->escape($newvalue);
+	$option_name = $wpdb->escape( $option_name );
 	$wpdb->query("UPDATE $wpdb->options SET option_value = '$newvalue' WHERE option_name = '$option_name'");
 	$cache_settings = get_alloptions(); // Re cache settings
 	return true;