WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #38073


Ignore:
Timestamp:
09/16/2016 03:49:32 PM (3 years ago)
Author:
swissspidy
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #38073 – Description

    initial v1  
    1 `wp_reset_vars()` sets global variables based on `$_POST` and `$_GET` values. The function is used is used around 20 times in core and in my opinion this should be zero. Even better, the function should be deprecated.
     1`wp_reset_vars()` sets global variables based on `$_POST` and `$_GET` values. The function is used around 20 times in core and in my opinion this should be zero. Even better, the function should be deprecated.
    22
    33Why?
    44
    5 First of all, it's easy to shoot yourself in the foot if you forget to properly sanitize the input value. Second, globals set bei `wp_reset_vars()` aren't explicitly globalized in the files / functions using it. You might stumble upon code like this:
     5First of all, it's easy to shoot yourself in the foot if you forget to properly sanitize the input value. Second, globals set by `wp_reset_vars()` aren't explicitly globalized in the files / functions using it. You might stumble upon code like this:
    66
    77{{{#!php