[wp-trac] Re: [WordPress Trac] #4029: maybe_serialize() can do
double-serialize
WordPress Trac
wp-trac at lists.automattic.com
Mon Mar 26 06:23:25 GMT 2007
#4029: maybe_serialize() can do double-serialize
------------------------------------+---------------------------------------
Reporter: takayukister | Owner: anonymous
Type: defect | Status: closed
Priority: normal | Milestone:
Component: General | Version: 2.2
Severity: major | Resolution: invalid
Keywords: has-patch dev-feedback |
------------------------------------+---------------------------------------
Changes (by markjaquith):
* status: reopened => closed
* resolution: => invalid
* milestone: 2.2 =>
Comment:
Intentional. Ensures that input == output (using
{{{maybe_unserialize()}}}). Otherwise, as masquerade pointed out, you can
enter a serialized array into a string input and get an array as the
output. There were documented server-crash scenarios from this.
The other solution was serializing everything, but this makes the options
and meta tables really unfriendly.
--
Ticket URL: <http://trac.wordpress.org/ticket/4029#comment:9>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list