User "Cryptocoryne" changed the status of MediaWiki.r101329. Old Status: new New Status: fixme
User "Cryptocoryne" also posted a comment on MediaWiki.r101329. Full URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/101329#c25262 Commit summary: Fixing and improvement code of CheckUser API module Comment: Ok, better solution in this code is simple reverting extract()'s calls or add a prefix with EXTR_PREFIX_ALL (probably, this prevents potential vulnerabilities)? I see using extract() in CheckUserHooks, where there is no user input. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
