[wp-hackers] forum post: sql injection
dmhouse at gmail.com
Sat Aug 6 19:11:39 GMT 2005
On 05/08/05, Mark Jaquith <mark.wordpress at txfx.net> wrote:
> So does this mean that as far as WP is concerned that magic quotes is
> always on? I mean, obviously there are other ways of introducing data
> that will need to be escaped, but doesn't this mean that the $_GET,
> $_POST, $_COOKIE, and $_SERVER arrays are safe?
Yep. WP doesn't rely on magic_quotes_gpc.
-David House, dmhouse at gmail.com, http://xmouse.ithium.net
More information about the wp-hackers