[wp-hackers] forum post: sql injection

David House dmhouse at gmail.com
Sat Aug 6 19:11:39 GMT 2005

On 05/08/05, Mark Jaquith <mark.wordpress at txfx.net> wrote:
> So does this mean that as far as WP is concerned that magic quotes is
> always on?  I mean, obviously there are other ways of introducing data
> that will need to be escaped, but doesn't this mean that the $_GET,
> $_POST, $_COOKIE, and $_SERVER arrays are safe?

Yep. WP doesn't rely on magic_quotes_gpc.

-David House, dmhouse at gmail.com, http://xmouse.ithium.net

More information about the wp-hackers mailing list