Uploaded image for project: 'Moodle Community Sites'
  1. Moodle Community Sites
  2. MDLSITE-3242

Should we prohibit unserialize?

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: Coding style
    • Labels:

      Description

      Add unserialize to the list of dangerous functions. This is dangerous if the serialised data can be modified by a user at any point (see php manual).

      We should add this to:
      http://docs.moodle.org/dev/Coding_style#Dangerous_functions_and_constructs

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              damyon Damyon Wiese
              Participants:
              Component watchers:
              Marina Glancy, Eloy Lafuente (stronk7)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated: