Make WordPress Core

Changes between Version 1 and Version 2 of Ticket #33498


Ignore:
Timestamp:
08/21/2015 08:54:49 PM (9 years ago)
Author:
swissspidy
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #33498

    • Property Keywords has-patch needs-unit-tests added
  • Ticket #33498 – Description

    v1 v2  
    66WordPress runs `addslashes` on all `$_SERVER`/`$_GET`/`$_POST` variables which places a burden to remember to stripslashes before using any variable from it.
    77
    8 The get_home_path() function does not do this before using `$_SERVER['SCRIPT_FILENAME']`. This doesn't cause a problem on Linux because the path format is not modified by `addslashes`, so it works by coincidence.
     8The `get_home_path()` function does not do this before using `$_SERVER['SCRIPT_FILENAME']`. This doesn't cause a problem on Linux because the path format is not modified by `addslashes`, so it works by coincidence.
    99
    1010But on Windows, this causes the path to have double slashes (example: `C:\\inetpub\\wordpress`). Then it is passed to trailingslashit which gives a weird result: