[Plugin: Ultimate Security Checker] Why Are You Using Eval() in this Plugin?

  • Resolved tankard

    (@tankard)


    13 years ago

    Hi,

    I’m just checking. Could you please explain what is this bit of code doing in securitycheck.class.php?

    'eval' => $this->gen_random_string(50).'eval()'.$this->gen_random_string(50),

    I am natuarlly apprehensive of people using eval but I’m also aware that it can be used for a good purpose.

    My first reaction was to deactivate and delete the plugin immediately but I guess I’ll give you a chance 🙂

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author bsndev

    (@bsndev)

    13 years ago

    Hey,

    I’m doing it to check if you have done something against urls with eval inside them 🙂
    If not – I show that for you in report. Also in new version 2.5 you can see the second tab which explains how to secure your blog and close issues.

    Thread Starter tankard

    (@tankard)

    13 years ago

    ok, that’s fair enough. You got 5 stars for me 🙂

    Plugin Author bsndev

    (@bsndev)

    13 years ago

    thanks!

    jamesptyler

    (@jamesptyler)

    12 years, 2 months ago

    This plugin should not be used…completely compromised! Use TAC plugin and verify what I say.

    Plugin Author bsndev

    (@bsndev)

    12 years, 2 months ago

    James, please point the exact problem, so we can fix it or stop complaining about missing problems.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Plugin: Ultimate Security Checker] Why Are You Using Eval() in this Plugin?’ is closed to new replies.