[theme-reviewers] Potential Search Form/Query Security Issue

Edward Caissie edward.caissie at gmail.com
Fri Sep 30 23:48:22 UTC 2011

Something to definitely double-check. I've been doing a lot of PHP
substitution with recent updates and new plugins ... tie to go back and make
sure I haven't let something similar slip through my code.


On Fri, Sep 30, 2011 at 6:38 PM, Chip Bennett <chip at chipbennett.net> wrote:

> Good afternoon, developers!
> Just a quick note regarding something to look out for:
> http://quirm.net/2011/09/20/using-s-with-double-quotes-in-wordpress/
> TL;DR: use get_search_query(); don't use "$s" (specifically, $s in
> double-quotes).
> (Hat tip to esmi, for writing this up.)
> Have a great weekend!
> Chip
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110930/2870c2ce/attachment-0001.htm>

More information about the theme-reviewers mailing list