[wp-hackers] Making WP more secure the evolutionary way
DD32
wordpress at dd32.id.au
Wed Jan 21 23:21:51 GMT 2009
You might be interested in:
http://trac.wordpress.org/ticket/6836
http://trac.wordpress.org/ticket/7171
Also, it seems to be that you're suggesting in your patch that using
raw SQL (even though it's prepared) is a bad idea? Or am I reading it
wrong? :)
2009/1/22 Florian Thiel <flo.thiel+wphackers at googlemail.com>:
> I produced a patch against WordPress 2.7 which annotates and
> classifies all uses of raw inline SQL. The classification tells you
> how much work it would be to get rid of the inline use of SQL. The
> patch can be found at
> http://www.noroute.de/downloads/research/wordpress-2.7_sqlannotations.diff