[wp-hackers] is php code in index.php dangerous?
Eric Nash
ericnash at gmail.com
Sun Jul 18 15:37:53 UTC 2004
luckly, wp is strictly personal, not public-service-ready blog tool.
On Sun, 18 Jul 2004 08:20:46 -0700, Jason goldsmith <unteins at gmail.com> wrote:
> At least some php yes.....
>
> You can't prevent someone from running php.....but you CAN configure
> php to disallow the use of functions from php. So, you could find
> disable a large portion of PHP by not letting those functions be used.
>
>
>
> On Sun, 18 Jul 2004 07:57:38 -0600, Alex King <alex at alexking.org> wrote:
> > I'm pretty sure you can execute PHP from w/in a Smarty template.
> >
> > --Alex
> >
> > http://www.alexking.org/
> >
> >
> >
> >
> > On Jul 18, 2004, at 7:54 AM, Mark Wubben wrote:
> >
> > > On Sun, 18 Jul 2004 22:34:02 +1000, Michael G <michael at wakeless.net>
> > > wrote:
> > >> The wordpress template is all PHP code, it doesn't use templates in
> > >> the
> > >> commonly used meaning of the word. I thought I saw that that was in
> > >> the
> > >> pipeline but certainly not at this point in time.
> > >
> > > Eric, you might build a template system (e.g. Smarty) on top of
> > > WordPress. If you then prevent your users from installing plugins you
> > > should be fine.
> >
> > _______________________________________________
> > hackers mailing list
> > hackers at wordpress.org
> > http://wordpress.org/mailman/listinfo/hackers_wordpress.org
> >
>
> _______________________________________________
> hackers mailing list
> hackers at wordpress.org
> http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>
More information about the hackers
mailing list