[wp-hackers] Developer portal
Dre Feeds
feeds at armeda.com
Sat Dec 12 22:42:47 UTC 2009
We should get all these great ideas up on a page.
Cheers,
Dre Armeda
http://armeda.com
Sent from my iPhone
On Dec 12, 2009, at 2:35 PM, Jordi Canals <jordi at jcanals.cat> wrote:
> 2009/12/12 Simon Blackbourn <piemanek at gmail.com>
>
>> A whole section on plugin security (using wp_nonce, avoiding xss, things to
>> be aware of when handling user input, etc.).
>>
>> A lot of this is not specific to WordPress of course, but I think a lot of
>> self-taught coders (myself included) really first got to grips with PHP
>> through writing WordPress plugins and themes.
>>
>> An easy to follow security checklist, plus other WordPress-specific info,
>> plus links to existing security resources online would have been very
>> welcome.
>>
>>
> Really, best practices for plugin and theme security are a must. Especially
> when they allow input from anybody other than administrators.
> The security checklist for nonces and sanitization would be really
> appreciated.
> Most of us have security in mind, but can always forget something, and
> having it from the WordPress point of view would be useful.
>
> Having more information about the best way to sanitize an option, an email or
> a text string by using the core WP functions will help to avoid releasing
> any insecure plugin or theme.
>
> Jordi Canals
> http://alkivia.org
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers