[wp-trac] [WordPress Trac] #10360: $_REQUEST's slashes may differ from $_GET/$_POST (was: $_REQUEST's slashes may differ from $_GEt/$_POSt)

WordPress Trac wp-trac at lists.automattic.com
Fri Jul 10 11:21:10 UTC 2009


#10360: $_REQUEST's slashes may differ from $_GET/$_POST
--------------------------+-------------------------------------------------
 Reporter:  dd32          |       Owner:  ryan                    
     Type:  defect (bug)  |      Status:  new                     
 Priority:  normal        |   Milestone:  2.8.2                   
Component:  Security      |     Version:  2.9                     
 Severity:  normal        |    Keywords:  needs-patch dev-feedback
--------------------------+-------------------------------------------------

Comment(by dd32):

 Except its hardly Legacy, And is used more often in WP every version.
 Generally only or comparison of action args. Its rarely used for data
 which may include slashes, infact, pretty much unheard of.

 there was a recent changeset which forces $_REQUEST to be $_GET + $_POST,
 so it removes most of the usual PHP-arguements against using $_REQUEST.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10360#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list