> On Mar 22, 2020, at 7:14 PM, Craig Francis <cr...@craigfrancis.co.uk> wrote:
>
> On Sun, 22 Mar 2020 at 19:11, Mike Schinkel <m...@newclarity.net> wrote:
>> IMO getting that in WordPress core is highly unlikely
>
> Good point, like all systems, WordPress will need to consider older versions
> of PHP.
>
> But, because this is a new function, they can avoid that issue by using
> `function_exists()`, as in...
>
> if (function_exists('is_literal') && !is_literal($sql)) {
>     trigger_error('This is an unsafe $query, please use $wpdb->prepare()',
>         E_USER_NOTICE);
> }

True....

> This would be a pretty easy way for WordPress to show they take security
> seriously, and helping developers to avoid these "all too common" mistakes.
>
> But I do appreciate how much effort it can be to introduce anything in to
> WordPress :-)

...but I will let you be the one to champion that cause given how much effort not being a core developer and getting anything added to WordPress it is. :-)

-Mike

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php