[theme-reviewers] Potential Search Form/Query Security Issue
Chip Bennett
chip at chipbennett.net
Fri Sep 30 22:38:11 UTC 2011
Good afternoon, developers!
Just a quick note regarding something to look out for:
http://quirm.net/2011/09/20/using-s-with-double-quotes-in-wordpress/
TL;DR: use get_search_query(); don't use "$s" (specifically, $s in
double-quotes).
(Hat tip to esmi, for writing this up.)
Have a great weekend!
Chip
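
A reviewer-side check for the pattern this message warns about, added here as an example; it is not part of the original post or of any WordPress tooling. The names find_raw_search_var and SAMPLE_THEME and the sample template lines are constructed for illustration, and the scan is a line-based heuristic that flags candidates for manual review rather than parsing PHP.

```python
import re

# A double-quoted string literal on one line (backslash escapes allowed).
DQ_STRING = re.compile(r'"(?:[^"\\]|\\.)*"')

# $s, {$s} or ${s} as a whole variable name. The lookahead rejects longer
# names such as $sidebar; the lookbehind rejects an escaped \$s.
RAW_S = re.compile(r'(?<!\\)(?:\$s(?![A-Za-z0-9_])|\$\{s\})')


def find_raw_search_var(php_source):
    """Return (line_number, line) pairs where $s sits inside double quotes.

    Heuristic only: it does not track PHP vs. HTML context, comments or
    strings spanning several lines, so every hit needs a human look.
    """
    hits = []
    for number, line in enumerate(php_source.splitlines(), start=1):
        for literal in DQ_STRING.findall(line):
            if RAW_S.search(literal):
                hits.append((number, line.strip()))
                break  # one report per line is enough
    return hits


# Constructed sample of theme template code (not taken from a real theme).
SAMPLE_THEME = r'''<?php $sidebar = "main"; ?>
<h1><?php echo "Search results for: $s"; ?></h1>
<h1><?php printf( __( 'Search results for: %s' ), get_search_query() ); ?></h1>
<?php echo "<input type='text' name='s' value='{$s}' />"; ?>
<input type="text" name="s" value="<?php the_search_query(); ?>" />
<p><?php echo "Showing $sidebar_count widgets"; ?></p>
'''

if __name__ == "__main__":
    for number, line in find_raw_search_var(SAMPLE_THEME):
        print(f"line {number}: replace \"$s\" with get_search_query(): {line}")
```
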