WordPress.org
Get WordPress

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #21767, comment 47


Ignore:
Timestamp:
02/04/2013 03:07:02 PM (13 years ago)
Author:
ryan
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #21767, comment 47

    initial v1  
    1 That gets a start on introducing and using two new slash functions. Any stripslashes() or stripslashes_deep() call on GPC data should be converted to wp_unslash(). If a function makes lots of strip calls on $_POST data, consider adding $post_data = wp_unslash( $_POST ) at the top of the function. This does have the drawback that once wp_unslash() no longer unslashes the $post_data assignment will be pointless. It's a matter of style whether we want to add wp_unslash() calls for each use of $_POST in a function or change $_POST to $post_data everywhere in the function.
     1That gets a start on introducing and using two new slash functions. Any stripslashes() or stripslashes_deep() calls on GPC data should be converted to wp_unslash(). If a function makes lots of unlsash calls on $_POST data, consider adding $post_data = wp_unslash( $_POST ) at the top of the function and use $post_data instead of $_POST everywhere in the function. This does have the drawback that once wp_unslash() no longer unslashes, the $post_data assignment will be pointless. It's a matter of style whether we want to add wp_unslash() calls for each use of $_POST in a function or change $_POST to $post_data everywhere in the function.