[wp-trac] [WordPress Trac] #19617: Use maybe_unserialize() for HTTP requests
WordPress Trac
wp-trac at lists.automattic.com
Sun Jan 8 03:49:53 UTC 2012
#19617: Use maybe_unserialize() for HTTP requests
------------------------------------+------------------
Reporter: nacin | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.4
Component: Warnings/Notices | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback |
------------------------------------+------------------
Comment (by dd32):
I didn't touch the non-update cases, All of those cases will need to have
extra validation applied, unserialize() returns false for invalid (non-
serialised) data where as, maybe_unserialize() is going to pass it
straight through causing the old `false === unserialize()` checks to fail.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/19617#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list