[wp-trac] [WordPress Trac] #21767: Remove stripslashes from API functions
WordPress Trac
noreply at wordpress.org
Mon Feb 4 15:05:58 UTC 2013
#21767: Remove stripslashes from API functions
-------------------------------------------------+-------------------------
Reporter: alexkingorg | Owner:
Type: task (blessed) | Status: new
Priority: normal | Milestone: 3.6
Component: Formatting | Version: 3.4
Severity: normal | Resolution:
Keywords: has-patch needs-testing needs-unit- |
tests 3.6-early |
-------------------------------------------------+-------------------------
Comment (by ryan):
That gets a start on introducing and using two new slash functions. Any
stripslashes() or stripslashes_deep() call on GPC data should be converted
to wp_unslash(). If a function makes lots of strip calls on $_POST data,
consider adding $post_data = wp_unslash( $_POST ) at the top of the
function. This does have the drawback that once wp_unslash() no longer
unslashes the $post_data assignment will be pointless. It's a matter of
style whether we want to add wp_unslash() calls for each use of $_POST in
a function or change $_POST to $post_data everywhere in the function.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21767#comment:47>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list