Support » Plugins » PHP Parsed Posts

  • stevarino

    (@stevarino)


    How about a hack to start this Sunday off? I was frustrated that WordPress spazzes out anytime you try to insert php, so I made it happen. 😀
    It’s actually a safe hack using my-hacks.php with add_filter and everything! Let me know what you think while I go pray that I havn’t opened the pandora’s box of WordPress.

Viewing 4 replies - 1 through 4 (of 4 total)
  • phrancey

    (@phrancey)

    I’ve been looking for something like this, but have always been worried about the security issues. But, not knowing all that much about security, all I’ve ever been told is “it’s not secure” and never why it’s not secure.
    So, could you tell us why your hack is secure, and what makes using php regularly not secure? (for my own enlightenment).

    Moderator Matt Mullenweg

    (@matt)

    Basically that any poster could wipe your database and delete all your files, and possibly other important files on your server.

    phrancey

    (@phrancey)

    If you’re the only person posting, this wouldn’t be an issue though, would it?

    Thread Starter stevarino

    (@stevarino)

    Matt is totally right. If you have multiple posters, then there is nothing holding them back with this hack. But if it’s just you, or you don’t have to worry about potential author trouble, then this would work.
    But you also lose security protecting your weblog from yourself. If you don’t write safe code (like taking input from a user without checking it for quirks/hacks) then that could bring your post, entire weblog, or maybe even server down. This is the reference to Pandora’s Box… 🙁
    WordPress itself is quite secure. This doesn’t make it any less secure, but offers that possibility. Just make sure you know what you’re doing and question every line of code.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘PHP Parsed Posts’ is closed to new replies.