[wp-trac] [WordPress Trac] #32373: Allow For execution of code before login processing
WordPress Trac
noreply at wordpress.org
Sat May 23 07:47:38 UTC 2015
#32373: Allow For execution of code before login processing
-------------------------+----------------------
Reporter: Another Guy | Owner:
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Security | Version: trunk
Severity: normal | Resolution: invalid
Keywords: | Focuses:
-------------------------+----------------------
Comment (by Another Guy):
@knutsp : wp-config is a configuration file, which is used to set
variables and parameters. It's generally NOT where any real code is run.
Moreover, it's loaded on every page load, which means that any additional
security code or filtering code would be run by every visitor, every page.
I tend to want to find the elegant solution that hits only the needs, and
doesn't add any negatives to the rest of the system performance.
I guess what I was hoping for was a "wp-secured-areas.php" or similar
included at the start of any code which has user input or interaction
(process comments, logins, registration, etc) and not have to have that
code pulled into every page view. Codifying it and making it exist as a
standard piece would allow for new and different approaches related to
securing a wordpress installation.
thanks
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32373#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list