WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

#4105 closed defect (bug) (fixed)

add_query_arg treats slashes inconsistently and tries to do it after urlencoding

Reported by: mdawaffe Owned by:
Milestone: 2.2 Priority: low
Severity: major Version: 2.2
Component: General Keywords:
Focuses: Cc:

Description

parse_str() adds slashes if get_magic_quotes_gpc() is true, so add_query_arg() applies stripslashes() to its output in that case.

However, not all of the query args are run through parse_str(), so add_query_arg() strips slashes from some things it should not.

The problem is magnified by the fact that add_query_arg tries to stripslashes() only after ramurlencoding much of its ouput.

Attachments (1)

4105.diff (751 bytes) - added by mdawaffe 7 years ago.

Download all attachments as: .zip

Change History (4)

mdawaffe7 years ago

comment:2 mdawaffe7 years ago

Related to #4084 (encoding behavior)

comment:3 rob1n7 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [5200]) Move the stripslashes(), and change it to stripslashes_deep(). Props mdawaffe. fixes #4105

Note: See TracTickets for help on using tickets.