[wp-hackers] Making WP more secure the evolutionary way

DD32 wordpress at dd32.id.au
Wed Jan 21 23:21:51 GMT 2009


You might be interested in:
http://trac.wordpress.org/ticket/6836
http://trac.wordpress.org/ticket/7171

Also, it seems to be that you're suggesting in your patch that using
raw SQL (even though it's prepared) is a bad idea?  Or am I reading it
wrong? :)

2009/1/22 Florian Thiel <flo.thiel+wphackers at googlemail.com>:
> I produced a patch against WordPress 2.7 which annotates and
> classifies all uses of raw inline SQL. The classification tells you
> how much work it would be to get rid of the inline use of SQL. The
> patch can be found at
> http://www.noroute.de/downloads/research/wordpress-2.7_sqlannotations.diff

