[wp-trac] Re: [WordPress Trac] #8814: Bad use of $_REQUEST variable
in wordpress
WordPress Trac
wp-trac at lists.automattic.com
Mon May 11 17:13:42 GMT 2009
#8814: Bad use of $_REQUEST variable in wordpress
--------------------------+-------------------------------------------------
Reporter: firstbit | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8
Component: Security | Version: 2.8
Severity: normal | Keywords: has-patch tested commit dev-feedback
--------------------------+-------------------------------------------------
Comment(by ryan):
I see a lot of setups that define both variables_order and gpc_order, and
they don't match. We'd have to check both, I think.
Attached patch keeps it simple and puts only GET and POST in REQUEST.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/8814#comment:14>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list