[TYPO3-core] RFC: Bugfix: #10417: Remove debugging code from sysext t3skin
Steffen Kamper
info at sk-typo3.de
Thu Feb 12 09:51:47 CET 2009
Hi,
Marcus Krause schrieb:
> Hi!
>
> This is an SVN patch request.
>
> Type: bugfix
>
> Branches: 4-1, 4-2, trunk
>
> Bugtracker reference: http://bugs.typo3.org/view.php?id=10417
>
>
> Problem:
> Class Print_a_class (debuglib.php) provides debugging functionality
> (show variables, etc..). It's not needed for sysext t3skin to work, nor
> it's used at all throughout the Core.
> I guess PHP and TYPO3 do provide enough possibilities to debug code;
> additional unmaintained code is not needed.
>
> Furthermore, it's a potential security flaw as it puts request
> parameters into global scope. See Print_a_class::show_vars(). (=
> simulates register_global)
>
>
> Solution:
> Get rid of it before someone actually uses this code.
>
>
>
> Marcus.
>
+1
vg Steffen
More information about the TYPO3-team-core
mailing list