[wp-testers] wordpress and php security
mark.wordpress at txfx.net
Sat Dec 23 11:03:37 GMT 2006
On Dec 23, 2006, at 1:45 AM, Brian Layman wrote:
> With all of the different configrations available, I can sure
> why they'd want to be in full control of the processing of the data.
For a just-starting closed-source project on PHP 5.2 servers that you
control... the filter extension *might* be a good choice. For an
open source project like ours or Serendipity or Flyspray, you would
have to either abandon your PHP < 5.2 userbase, or maintain two
filter systems. Heck, even if you do abandon your PHP < 5.2 userbase
you'll have to maintain two filter systems to work around bugs and
shortcomings  in the filter extension.
I'm much more interested to see the PHP-based input/output filters
library that the Hardened-PHP Project is going to develop .
Covered Web Services
More information about the wp-testers