[wp-hackers] forum post: sql injection

Mark Jaquith mark.wordpress at txfx.net
Fri Aug 5 06:23:25 GMT 2005

Ryan Boren wrote:

> wp-settings.php 

Heh.  It's even recursive for arrays.  I can't believe I didn't know 
about this.  :-[

So does this mean that as far as WP is concerned that magic quotes is 
always on?  I mean, obviously there are other ways of introducing data 
that will need to be escaped, but doesn't this mean that the $_GET, 
$_POST, $_COOKIE, and $_SERVER arrays are safe?

Mark Jaquith
MCincubus @ #wordpress

More information about the wp-hackers mailing list