[wp-trac] [WordPress Trac] #22873: Consider moving to a notice for $wpdb->prepare in 3.5.1
WordPress Trac
noreply at wordpress.org
Fri Dec 21 00:03:11 UTC 2012
#22873: Consider moving to a notice for $wpdb->prepare in 3.5.1
------------------------------+--------------------
Reporter: nacin | Owner:
Type: defect (bug) | Status: new
Priority: low | Milestone: 3.5.1
Component: Warnings/Notices | Version: 3.5
Severity: minor | Resolution:
Keywords: has-patch |
------------------------------+--------------------
Changes (by knutsp):
* cc: knut@… (added)
Comment:
If warnings (or errors or notices) are displayed on a production site,
then the server setup is wrong and possibly vulnerable. If you have some
plugins the chance of getting some warnings is quite high, but end users
seldom sees them, so these extra warnings doesn't change anything. It's
not about "hitting" users with warnings, as the warnings will go to the
error_log or displayed in the debug bar (plugin), where any developer
should look.
I develop plugins and child themes, and this new warning have already
caught me doing things wrong (thanks, core team!). Don't forget that this
particular warning is added because the reason for it may imply possible
vulnerabilities in plugins or themes.
I'm still and firmly for wontfix (always a warning), at least in all
development versions.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22873#comment:16>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list