[TYPO3-core] RFC: #11438: Add a registry to t3lib

Bastian Waidelich bastian at typo3.org
Mon Aug 10 15:46:06 CEST 2009


Oliver Hader wrote:

Hi there,

>>> Why do you do your own quoting? There's an official method that should
>>> be used every time, even if you are sure that your quoting system will
>>> be OK.

> Argh, wrong example... It's about the key not the value. However, we
> never know how that key is set from an extension...

It's about the value too. Even though it will be serialized, there might 
be a way to inject commands.

Bastian


More information about the TYPO3-team-core mailing list