[wp-hackers] Security at Wordpress

Ryan Scheuermann ryan at concept64.com
Mon Apr 24 15:18:32 GMT 2006


Rob Mientjes wrote:
> On 24/04/06, Ryan Scheuermann <ryan at concept64.com> wrote:
>   
>> Drop the buttons for "Delete" completely and make checkboxes for each,
>> with a "Delete Posts" submit button on the bottom of the page?  We
>> already do this on the Manage Bookmarks page and it's actually more
>> user-friendly because you can delete multiple posts/pages at once.
>> Plus, it slightly curbs people with Javascript disabled or JS problems
>> from accidentally clicking the "Delete" button and with no confirmation
>> popup from "poof" post gone, sorry.  And that would also remove the need
>> for the AJAX list management code, or we could still use AJAX for the
>> form submit...
>> <snip />
>> Or, we don't allow approving comments from emails, but we provide a link
>> to WP Admin where you can (using a POST).  I don't know, I'm all about
>> the aesthetically pleasing GUI, but this seems a little trivial for
>> something that can be accomplished with REST and still be aesthetically
>> pleasing with checkboxes.
>>     
>
> The question is: is it feasible? I mean, checkboxes are intended for
> selected mass... er... selection. Do people really delete three or
> fifteen posts at a time? How great is the need for a mass edit
> interface with posts, as compared to bookmarks and comments?
>
> -Rob.
>   
Really, it's just a difference between two clicks or one.   Mass delete 
may not be "needed" but it's certainly giving the user an ability they 
didn't have before.  And it does solve the problem of making the Delete 
action distinct from the Edit link.

Ryan Scheuermann


More information about the wp-hackers mailing list