Changes between Initial Version and Version 1 of Ticket #48605
- Timestamp:
- 11/14/2019 10:07:56 AM (15 months ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #48605 – Description
initial v1 3 3 wp_magic_quotes() applies add_magic_quotes() to a wide variety of globals, including $_SERVER. Unfortunately, add_magic_quotes() indiscriminately calls addslashes() on ''every single non-array value'', effectively recasting integers to strings. 4 4 5 For instance, $_SERVER['REQUEST_TIME'], which is a unix timestamp, gets recast to a string of numbers, breaking downstream functionality (like PhpUnit) that expects the timestamp to actually be a timestamp.5 For instance, `$_SERVER['REQUEST_TIME']`, which is a unix timestamp, gets recast to a string of numbers, breaking downstream functionality (like PhpUnit) that expects the timestamp to actually be a timestamp. 6 6 7 7 add_magic_quotes() needs to be updated to only apply addslashes() when the type of the value is already a string.