Opened 6 years ago
Closed 6 years ago
#41812 closed enhancement (invalid)
Admin options affected by theme's functions.php settings
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 4.8.1 |
| Component: | Options, Meta APIs | Keywords: | |
| Focuses: | Cc: |
Description
Hello guys,
Today, I was working on issue in admin general options. After following trails of files, started from wp-admin. I reached at theme's functions.php where Developer was adjusting $_POST for his own mean. Isn't it should be separate from the theme's changes. Because these are related to core functionality.
What he was doing is removing the magic quotes with following function and using it multiple times under the more trailing files.
function wope_remove_wp_magic_quotes(){
$_POST = array_map( 'stripslashes_deep', $_POST );
$_GET = array_map( 'stripslashes_deep', $_GET );
$_COOKIE = array_map( 'stripslashes_deep', $_COOKIE );
$_REQUEST = array_map( 'stripslashes_deep', $_REQUEST );
}
wope_remove_wp_magic_quotes();
Wordpress adding magic_quotes at wp-settings.php and this guys doing opposite. I know it's theme fault but wordpress core options affected by theme. It should not be the case.
Regards,
Team LogixTree
Change History (1)
Note: See
TracTickets for help on using
tickets.
Well, a theme can do anything a plugin can. They can hook into whatever parts of WordPress they want. There's not really a way to prevent this. It's the developer's fault/choice to do things like this.