[wp-hackers] Developer portal

Dre Feeds feeds at armeda.com
Sat Dec 12 22:42:47 UTC 2009

We should get all these great ideas up on a page.

Dre Armeda

Sent from my iPhone

On Dec 12, 2009, at 2:35 PM, Jordi Canals <jordi at jcanals.cat> wrote:

> 2009/12/12 Simon Blackbourn <piemanek at gmail.com>
> A whole section on plugin security (using wp_nonce, avoiding xss,  
> things to
>> be aware of when handling user input, etc.).
>> A lot of this is not specific to WordPress of course, but I think a  
>> lot of
>> self-taught coders (myself included) really first got to grips with  
>> PHP
>> through writing WordPress plugins and themes.
>> An easy to follow security checklist, plus other WordPress-specific  
>> info,
>> plus links to existing security resources online would have been very
>> welcome.
> Really a best practices for plugins and themes security is a must.  
> Specially
> when them allow input from anybody else than administrators.
> The security checklist for nonces and sanitizes would be really  
> appreciated.
> Most of us have security on mind, but always can forget something, and
> having it from the WordPress point of view would be useful.
> Have more information about the best way to sanitize an option, an  
> email or
> a text string by using the core WP functions, will help to avoid  
> releasing
> any insecure plugin or theme.
> Jordi Canals
> http://alkivia.org
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list