[wp-hackers] forum post: sql injection

[David House]

On 05/08/05, Mark Jaquith <mark.wordpress at txfx.net> wrote:
> So does this mean that as far as WP is concerned that magic quotes is
> always on?  I mean, obviously there are other ways of introducing data
> that will need to be escaped, but doesn't this mean that the $_GET,
> $_POST, $_COOKIE, and $_SERVER arrays are safe?

Yep. WP doesn't rely on magic_quotes_gpc.

-- 
-David House, dmhouse at gmail.com, http://xmouse.ithium.net