[theme-reviewers] Why themes should not use fopen?
Satish Gandham
satish.iitg at gmail.com
Thu May 19 14:15:39 UTC 2011
Ok, If there are security issues, then i have nothing to say. I was saying
method 2 was better without considering the security.
------
Web user can upload files to wordpress uploads directory, is it not possible
to treat the CSS file as the other files uploaded to uploads directory?
How about making the CSS file writable without execute permissions?
If images and other media can be in uploads directory, then there should be
a way for CSS and JS to be present there without creating problems, because
these are static files just like the images?
If there is a way to write the files as ADMIN, without write permissions to
webuser, is method one still the best?
Satish Gandham
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110519/c264e590/attachment.htm>
More information about the theme-reviewers
mailing list