[wp-hackers] Input for patch

Daniel Torreblanca regulatethis at gmail.com
Thu Apr 16 23:09:15 GMT 2009

I just submitted a new patch for this issue that I tried tackling a while ago:


This fix is compatible with PHP4 and from what I can tell, it doesn't
have any impact in other areas (i.e. something expecting requiring the
value to be urlencoded/etc).

It's bizarre, but the cookie value when I view it through my browser
is urlencoded, however after it's grabbed through $_COOKIE, the quote
is turned into an html entity. Anyone know why this is happening? My
understanding is that PHP uses urlencoding in the setcookie() call,
and nowhere in the PHP documentation can I find an explanation for

Secondly, this patch only runs comment_author through
html_entity_decode... Might it make sense to do the same for all the
comment data?


More information about the wp-hackers mailing list