[geeklog-devel] Vanishing backslashes in static pages.
Erwan HAMON
hamon.erwan at free.fr
Mon Oct 21 16:16:37 EDT 2013
Hi,
When saving then displaying a static page, backslashes '\' are removed.
There are already Mantises related to add/stripslashes so I did not
create one.
I am surprised there are still many stripslashes() calls in Geeklog's
code base.
My understanding is that $POST, $_GET and $_COOKIE should go once thru
COM_stripslashes. Any SQL query should be built using DB_escapeString().
That should be it. Shouldn't it ?
However, there are double addslashed old records in the database. These
should be corrected using an utility to be written.
Fixing the slashes problem should not be a huge undertaking code-wise.
Given the testing requirements it's probably not wise to do it just
before 2.1.0's freeze.
What are your thoughts ?
Regards,
--
Erwan HAMON - http://hamon.erwan.free.fr/
More information about the geeklog-devel
mailing list