[wp-trac] [WordPress Trac] #27805: Widget Customizer: Eliminate reliance on create_function()

WordPress Trac noreply at wordpress.org
Wed Apr 16 00:09:54 UTC 2014


#27805: Widget Customizer: Eliminate reliance on create_function()
------------------------------+-----------------------
 Reporter:  westonruter       |       Owner:  nacin
     Type:  defect (bug)      |      Status:  assigned
 Priority:  normal            |   Milestone:  3.9
Component:  Appearance        |     Version:  trunk
 Severity:  normal            |  Resolution:
 Keywords:  has-patch commit  |     Focuses:
------------------------------+-----------------------

Comment (by nacin):

 Thanks for this, Weston. Eliminating create_function() may sound academic
 but these are prone to mistakes later that introduce the nastiest of
 vulnerabilities. It's just safer to never use it, the same way we'd never
 use /e for preg_replace() anymore. Cheers.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/27805#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list