[wp-trac] [WordPress Trac] #18322: The Road to Magic Quotes Sanity
WordPress Trac
noreply at wordpress.org
Thu Apr 24 10:06:03 UTC 2014
#18322: The Road to Magic Quotes Sanity
----------------------------+-----------------------------
Reporter: ryan | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Bootstrap/Load | Version: 3.2.1
Severity: major | Resolution:
Keywords: | Focuses:
----------------------------+-----------------------------
Comment (by thanatica2):
> I know this is a pretty long ticket (especially if you account for all
the related ones that are linked), but it's definitely worth taking the
time to carefully read each comment. Currently magic quotes *are*
necessary because removing them could easily open us to unexpected
security vulnerabilities. And even if we fix all those in core, there
would likely be hundreds (conservative estimate) of plugins that would be
suddenly vulnerable because they were assuming slashed data and it wasn't.
You must be confusing PHP magic quotes with WP magic quotes. The latter
ones must be removed, because they mess up plugins that assume PHP can be
queried for magic quotes having been applied. This flag will be false even
if they have been applied, because it's a WP function.
This is reinventing the wheel (the square wheel, imo) and therefore
completely bollocks.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/18322#comment:39>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list