#17089 closed enhancement (wontfix)
Documentation for "Escaped with Slashes"
Reported by: | WraithKenny | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | trivial | Version: | 3.1 |
Component: | Inline Docs | Keywords: | |
Focuses: | Cc: |
Description
Documentation should be updated for wp_filter_kses
, and wp_filter_post_kses
to mention:
"Escaped with Slashes" is usually expected because
wp_magic_quotes
escapes$_GET
,$_POST
,$_COOKIE
,$_SERVER
, and$_REQUEST
early (in the hook system, shortly after 'plugins_loaded' but earlier then 'init' or 'wp_loaded').
It might save a new developer much headache when attempting to choose and use sanitation functions.
Change History (3)
#1
@
13 years ago
- Milestone Awaiting Review deleted
- Resolution set to wontfix
- Status changed from new to closed
#2
@
13 years ago
- Keywords 2nd-opinion removed
Doesn't matter to me anymore as I've learned the lesson, but some devs new to WordPress may be unaware of wp_magic_quotes
and not understand which function to use when attempting to secure their plugins. My thought was to make data sanitation easier, and Plugin work more accessible to n00bs like me.
I did update codex so I suppose that's enough.
I don't see why you would add that explanation specifically to those functions.
There are plenty other functions that use similar terminology: "expected slashed".
You take it as it is: it means that it will call stripslashes(). It doesn't and shouldn't care why the data that it's getting is slashed in the first place.