WordPress.org

Ready to get started?Download WordPress

Forums

[Plugin: WP ImageTagger] RunPHP or equivalent plugin security concerns (6 posts)

  1. Gene53
    Member
    Posted 4 years ago #

    Hi,

    I'm following the development of this plugin with interest but I will not use it on my site on account of "Make sure you can run PHP code from your page text (using plugins like runPHP)".

    Such plugins are a major security risk and as I've suggested before, a page tag (i.e. [imagetagger=parameters] would be the way to go.

    Cheers,
    Gene

    http://wordpress.org/extend/plugins/wp-imagetagger/

  2. phd38
    Member
    Posted 4 years ago #

    Hi Gene,

    I did not forget this aspect. It is the next thing I will focus on.

    Although I already played a bit with this hook mechanism, I am not a specialist. Would you have recommended readings or any guidelines for this specific case ?

    Then I will have to provide both implementations for keeping the compatibility, while recommending the short code method (I might decide to enforce it by printing a special advisory notice line in case the PHP function is called).

    I will deprecate the PHP call.

    Waiting to read your advices and guiding on short code implementation,
    Bruno

  3. phd38
    Member
    Posted 4 years ago #

    Think I found the right page :

    http://codex.wordpress.org/Shortcode_API

    Shortcode implementation expected in 2.5.2.

  4. Gene53
    Member
    Posted 4 years ago #

    Salut Bruno, ca va?

    http://codex.wordpress.org/Shortcode_API is exactly what I had in mind, glad that you found it.

    I'm really looking forward to version 2.5.2

    Best of luck,
    Gene

  5. phd38
    Member
    Posted 4 years ago #

    ... and here we go :

    http://downloads.wordpress.org/plugin/wp-imagetagger.2.5.2.zip

    Tell me if this answers. It works fine on my end.

  6. Gene53
    Member
    Posted 4 years ago #

    Sorry for the tardy reply, I was away for a couple of days. I'm about to download it and give it a try.

    Thanks and congrats on the new version,
    Gene

Topic Closed

This topic has been closed to new replies.

About this Topic