[theme-reviewers] Potential Search Form/Query Security Issue

Edward Caissie edward.caissie at gmail.com
Fri Sep 30 23:48:22 UTC 2011


Something to definitely double-check. I've been doing a lot of PHP
substitution with recent updates and new plugins ... time to go back and make
sure I haven't let something similar slip through my code.


Cais.


On Fri, Sep 30, 2011 at 6:38 PM, Chip Bennett <chip at chipbennett.net> wrote:

> Good afternoon, developers!
>
> Just a quick note regarding something to look out for:
> http://quirm.net/2011/09/20/using-s-with-double-quotes-in-wordpress/
>
> TL;DR: use get_search_query(); don't use "$s" (specifically, $s in
> double-quotes).
>
> (Hat tip to esmi, for writing this up.)
>
> Have a great weekend!
>
> Chip