Uploaded image for project: 'Moodle Community Sites'
  1. Moodle Community Sites
  2. MDLSITE-3242

Should we prohibit unserialize?

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: Coding style
    • Labels:

      Description

      Add unserialize to the list of dangerous functions. This is dangerous if the serialised data can be modified by a user at any point (see php manual).

      We should add this to:
      http://docs.moodle.org/dev/Coding_style#Dangerous_functions_and_constructs

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: