fix: remove unserialize() in old()

I can't think of any use cases.
2025-02-20 11:44:28 +08:00 · 2021-11-11 17:10:10 +09:00 · 2021-11-11 17:10:10 +09:00 · 18138fa4c7
commit 18138fa4c7
parent 76ad2ad24e
2 changed files with 1 additions and 6 deletions
--- a/system/Common.php
+++ b/system/Common.php
@ -813,11 +813,6 @@ if (! function_exists('old')) {
            return $default;
        }

-        // If the result was serialized array or string, then unserialize it for use...
-        if (is_string($value) && (strpos($value, 'a:') === 0 || strpos($value, 's:') === 0)) {
-            $value = unserialize($value);
-        }
-
        return $escape === false ? $value : esc($value, $escape);
    }
 }
--- a/tests/system/CommonFunctionsTest.php
+++ b/tests/system/CommonFunctionsTest.php
@ -300,7 +300,7 @@ final class CommonFunctionsTest extends CIUnitTestCase
        $_GET     = ['foo' => 'bar'];
        $_POST    = [
            'bar'    => 'baz',
-            'zibble' => serialize('fritz'),
+            'zibble' => 'fritz',
        ];

        $response = new RedirectResponse(new App());