[wp-trac] Re: [WordPress Trac] #2591: users can enter dangerous serialized strings
WordPress Trac
wp-trac at lists.automattic.com
Fri Mar 24 08:02:53 GMT 2006
#2591: users can enter dangerous serialized strings
-------------------------+--------------------------------------------------
Id: 2591 | Status: assigned
Component: Security | Modified: Fri Mar 24 08:02:53 2006
Severity: normal | Milestone: 2.1
Priority: normal | Version: 2.0.2
Owner: markjaquith | Reporter: random
-------------------------+--------------------------------------------------
Comment (by random):
There's a serialize call in delete_usermeta() as well as
update_usermeta(), and let's not forget postmeta.
Speaking of postmeta, changeset:3656 added querying by meta_value, so
that'd need changing too. (Speaking of which, is querying going to be a
problem elsewhere?)
For options.php, we could unserialize and gettype() the result,
reserialize if necessary for display, but add a hidden
{{{
<input type="hidden" name="type[$option_name]" value="array" />
}}}
field (or similar) to keep track of what's already serialized when the
data gets sent back.
--
Ticket URL: <http://trac.wordpress.org/ticket/2591>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
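As an added illustration (not code from the ticket, from random, or from WordPress), the PHP below models the options.php round trip the comment describes: a stored value is displayed in a form, posted back, stored, and read again through a "looks serialized, so unserialize it" path, with the proposed hidden type[...] field used to decide how the posted text may be stored. All function names are hypothetical, the looks_serialized() check is a simplified stand-in, and unserialize()'s allowed_classes option assumes PHP 7.0 or later.

```php
<?php
// Added example for ticket #2591; not code from the ticket, its author, or
// WordPress. Helper names are hypothetical; allowed_classes needs PHP >= 7.0.

// Simplified stand-in for the "does this look serialized?" test a storage
// layer applies before calling unserialize() on a stored value.
function looks_serialized(string $value): bool
{
    return $value === 'N;' || preg_match('/^[bidsaO]:/', $value) === 1;
}

// Read path shared by both variants: anything that looks serialized gets
// unserialized. This is what makes a raw serialized string dangerous to store.
function read_option(string $stored)
{
    return looks_serialized($stored) ? unserialize($stored) : $stored;
}

// Vulnerable variant: the posted text is stored verbatim.
function store_option_unchecked(string $posted): string
{
    return $posted;
}

// Proposed variant, part 1: when rendering the form, unserialize, record the
// type in a hidden field, and reserialize arrays so they can be displayed.
function render_option_input(string $name, string $stored): string
{
    $value = read_option($stored);
    $type  = gettype($value);            // "array" or "string" for option data
    $shown = is_array($value) ? serialize($value) : (string) $value;
    $n     = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
    return sprintf(
        '<input type="hidden" name="type[%s]" value="%s" />'
        . '<input type="text" name="%s" value="%s" />',
        $n, htmlspecialchars($type, ENT_QUOTES, 'UTF-8'),
        $n, htmlspecialchars($shown, ENT_QUOTES, 'UTF-8')
    );
}

// Proposed variant, part 2: on submit, the declared type only narrows what is
// accepted. The hidden field is itself user-controlled, so neither branch may
// let a serialized object reach read_option(). Returns null when rejected.
function sanitize_posted_option(string $posted, string $declared_type): ?string
{
    if ($declared_type === 'array') {
        // Decode without instantiating classes; anything that is not an array
        // (an object, a scalar, garbage) is rejected outright.
        $decoded = @unserialize($posted, ['allowed_classes' => false]);
        if (!is_array($decoded)) {
            return null;
        }
        return serialize($decoded);    // normalised serialized array
    }
    // Declared (or defaulted) to string: text that merely looks serialized is
    // serialized once more, so read_option() hands back the same string
    // instead of unserializing its contents.
    return looks_serialized($posted) ? serialize($posted) : $posted;
}

// Constructed attacker input: a serialized object typed into a plain text field.
$payload = 'O:8:"stdClass":1:{s:4:"role";s:13:"administrator";}';

$unchecked = read_option(store_option_unchecked($payload));
echo is_object($unchecked) ? "unchecked: object injected\n" : "unchecked: string\n";

$checked = read_option(sanitize_posted_option($payload, 'string'));
echo $checked === $payload ? "as string: same text, no object\n" : "as string: changed\n";

echo sanitize_posted_option($payload, 'array') === null
    ? "as array: rejected\n" : "as array: accepted\n";

$good = serialize(['a' => 1, 'b' => 2]);
echo read_option(sanitize_posted_option($good, 'array')) === ['a' => 1, 'b' => 2]
    ? "real array: round-trips\n" : "real array: broken\n";

echo render_option_input('blogname', 'My Site'), "\n";
```

The hidden type[...] field is only a hint about what the form displayed; because the client can set it to anything, the server treats it as a restriction on what it will accept, never as proof of what the data is. Declaring "array" and posting an object fails the is_array() check, and declaring "string" and posting serialized text stores it as a doubly serialized string, so the read path returns text rather than an object. Storing a string that already looks serialized by serializing it again is also the safe way to handle the same ambiguity in update_usermeta()/postmeta, since their read paths unserialize on the same "looks serialized" test.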