[wp-hackers] Security at Wordpress

Rob Mientjes robmientjes at gmail.com
Mon Apr 24 15:14:16 GMT 2006

On 24/04/06, Ryan Scheuermann <ryan at concept64.com> wrote:
> Drop the buttons for "Delete" completely and make checkboxes for each,
> with a "Delete Posts" submit button on the bottom of the page?  We
> already do this on the Manage Bookmarks page and it's actually more
> user-friendly because you can delete multiple posts/pages at once.
> Plus, it slightly curbs people with Javascript disabled or JS problems
> from accidentally clicking the "Delete" button and with no confirmation
> popup from "poof" post gone, sorry.  And that would also remove the need
> for the AJAX list management code, or we could still use AJAX for the
> form submit...
> <snip />
> Or, we don't allow approving comments from emails, but we provide a link
> to WP Admin where you can (using a POST).  I don't know, I'm all about
> the aesthetically pleasing GUI, but this seems a little trivial for
> something that can be accomplished with REST and still be aesthetically
> pleasing with checkboxes.

The question is: is it feasible? I mean, checkboxes are intended for
selected mass... er... selection. Do people really delete three or
fifteen posts at a time? How great is the need for a mass edit
interface with posts, as compared to bookmarks and comments?


More information about the wp-hackers mailing list