[pLog-svn] r5861 - plog/branches/lifetype-1.2/class/data
Oscar Renalias
oscar at renalias.net
Thu Aug 23 05:56:04 EDT 2007
Yes, we never use $_REQUEST as far as I can tell.
I will check my local installation regarding magic_quotes and give it
a try later. I don't know about magic_quotes in my other lifetype
installations at renalias.net and lifetype, perhaps you can tell me
:-)
Oscar
On 8/23/07, Jon Daley <plogworld at jon.limedaley.com> wrote:
> I know. I need to setup a test installation to run the test
> cases, and see what the status of the current tests are, and then see if
> there are any other tests that can be written.
> How many of you are running with magic_quotes on? A bunch of
> these changes only affected people who had it on (like myself).
> You recently went through the input/validation side, right? Is it
> a true statement that we never directly get POST/GET variables, but always
> request them through $request?
>
> On Thu, 23 Aug 2007, Oscar Renalias wrote:
>
> > I'm worried about changes like this. Is there any we can get this test
> > with a test case? It looks difficult, though.
> >
> > On 8/22/07, jondaley at devel.lifetype.net <jondaley at devel.lifetype.net> wrote:
> >> Author: jondaley
> >> Date: 2007-08-22 16:46:32 -0400 (Wed, 22 Aug 2007)
> >> New Revision: 5861
> >>
> >> Modified:
> >> plog/branches/lifetype-1.2/class/data/kses.class.php
> >> Log:
> >> we don't need to strip slashes here either, all input comes through request, and if it doesn't, it should, otherwise, we end up stripping the slashes more than once
> >>
> >> Modified: plog/branches/lifetype-1.2/class/data/kses.class.php
> >> ===================================================================
> >> --- plog/branches/lifetype-1.2/class/data/kses.class.php 2007-08-22 20:45:03 UTC (rev 5860)
> >> +++ plog/branches/lifetype-1.2/class/data/kses.class.php 2007-08-22 20:46:32 UTC (rev 5861)
> >> @@ -76,10 +76,6 @@
> >>
> >> function Parse($string = "")
> >> {
> >> - if (get_magic_quotes_gpc())
> >> - {
> >> - $string = stripslashes($string);
> >> - }
> >> $string = $this->_no_null($string);
> >> $string = $this->_js_entities($string);
> >> $string = $this->_normalize_entities($string);
> >>
> >> _______________________________________________
> >> pLog-svn mailing list
> >> pLog-svn at devel.lifetype.net
> >> http://limedaley.com/mailman/listinfo/plog-svn
> >>
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://limedaley.com/mailman/listinfo/plog-svn
> >
>
> --
> Jon Daley
> http://jon.limedaley.com/
>
> You can go anywhere you want if you
> look serious and carry a clipboard.
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
More information about the pLog-svn
mailing list