[wp-hackers] WordPress Charset SQL Injection Vulnerability
Matt Mullenweg
m at mullenweg.com
Sun Dec 16 03:03:51 GMT 2007
Austin Matzko wrote:
> I think he may be talking about suppressing DB errors in general. For
> example, currently WP calls the wpdb show_errors method in several
> places. It seems to me that the show_errors object variable should be
> set to false, and the show_errors method should be called only if
> WP_DEBUG is set to true. Were that the case, the error mentioned in
> this thread would not show.
I agree.
We should also take the WordPress logo out of pages we show when the
blog is down, it's bad associations. :)
--
Matt Mullenweg
http://photomatt.net | http://wordpress.org
http://automattic.com | http://akismet.com
More information about the wp-hackers
mailing list