[geeklog-devel] Vanishing backslashes in static pages.

Erwan HAMON hamon.erwan at free.fr
Mon Oct 21 16:16:37 EDT 2013


Hi,

When saving then displaying a static page, backslashes '\' are removed.

There are already Mantises related to add/stripslashes so I did not 
create one.

I am surprised there are still many stripslashes() calls in Geeklog's 
code base.

My understanding is that $POST, $_GET and $_COOKIE should go once thru 
COM_stripslashes. Any SQL query should be built using DB_escapeString(). 
That should be it. Shouldn't it ?

However, there are double addslashed old records in the database. These 
should be corrected using an utility to be written.

Fixing the slashes problem should not be a huge undertaking code-wise. 
Given the testing requirements it's probably not wise to do it just 
before 2.1.0's freeze.

What are your thoughts ?

Regards,

-- 
Erwan HAMON - http://hamon.erwan.free.fr/



More information about the geeklog-devel mailing list