[wp-trac] Re: [WordPress Trac] #3093: WP should revert anything done by filter in newer PHP versions.

Sat Dec 23 04:33:18 GMT 2006

#3093: WP should revert anything done by filter in newer PHP versions.
----------------------------+-----------------------------------------------
 Reporter:  masquerade      |        Owner:  markjaquith
     Type:  defect          |       Status:  assigned   
 Priority:  normal          |    Milestone:  2.2        
Component:  Administration  |      Version:             
 Severity:  normal          |   Resolution:             
 Keywords:                  |  
----------------------------+-----------------------------------------------
Changes (by markjaquith):

  * status:  new => assigned
  * owner:  anonymous => markjaquith

Comment:

 Serendipity has this code to deal with ext/filter:

 {{{
 if (extension_loaded('filter') && function_exists('input_name_to_filter')
 && input_name_to_filter(ini_get('filter.default')) !== FILTER_UNSAFE_RAW)
 {
     foreach ($_POST as $key => $value) {
         $_POST[$key] = input_get(INPUT_POST, $key, FILTER_UNSAFE_RAW);
     }
     foreach ($_GET as $key => $value) {
         $_GET[$key] = input_get(INPUT_GET, $key, FILTER_UNSAFE_RAW);
     }
     foreach ($_COOKIE as $key => $value) {
         $_COOKIE[$key] = input_get(INPUT_COOKIE, $key, FILTER_UNSAFE_RAW);
     }
     foreach ($_SESSION as $key => $value) {
         $_SESSION[$key] = input_get(INPUT_SESSION, $key,
 FILTER_UNSAFE_RAW);
     }
 }

 if (extension_loaded('filter') && function_exists('filter_id') &&
 filter_id(ini_get('filter.default')) !== FILTER_UNSAFE_RAW) {
     foreach ($_POST as $key => $value) {
         $_POST[$key] = filter_input(INPUT_POST, $key, FILTER_UNSAFE_RAW);
     }
     foreach ($_GET as $key => $value) {
         $_GET[$key] = filter_input(INPUT_GET, $key, FILTER_UNSAFE_RAW);
     }
     foreach ($_COOKIE as $key => $value) {
         $_COOKIE[$key] = filter_input(INPUT_COOKIE, $key,
 FILTER_UNSAFE_RAW);
     }
     foreach ($_SESSION as $key => $value) {
         $_SESSION[$key] = filter_input(INPUT_SESSION, $key,
 FILTER_UNSAFE_RAW);
     }
 }
 }}}

 It is BSD licensed (the 3-clause GPL-compatible version), so that snippet
 would have to include this line:

 {{{
 Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity
 Developer Team)
 }}}

 I think the first block is for CVS versions of PHP... so we might be able
 to yank that and just use the second block which appears to be based on
 the final version.

 Masquerade, you keep pretty close tabs on cutting edge PHP development...
 how does the above look to you?

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3093#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software