[wp-hackers] WordPress Charset SQL Injection Vulnerability
Dino Termini
dino at duechiacchiere.it
Sat Dec 15 23:37:56 GMT 2007
Austin Matzko ha scritto:
> example, currently WP calls the wpdb show_errors method in several
> places. It seems to me that the show_errors object variable should be
> set to false, and the show_errors method should be called only if
> WP_DEBUG is set to true.
I agree with this, definely! Currently I had to hack my Wordpress in
order to hide those errors, and show a courtesy message (something more
user friendly, like "we apologyze for the inconvenience, and will be
back as soon as possible") to my visitors. I hope next versions of
Wordpress will include this feature by default.
--
due chiacchiere <http://feeds.feedburner.com/duechiacchiere>
More information about the wp-hackers
mailing list