Oliver,
CTC uses WordPress security functions to handle I/O operations.
1. All requests (including AJAX requests) are validated via the check_admin_referer and check_ajax_referer functions (which require a valid nonce). Only requests from admin users with the install_themes capability are processed. If a malicious user has this level of access then there are many ways to compromise the site besides this plugin.
2. Files are created, updated and deleted using the WordPress Filesystem API, which forces authentication if the server is not configured to use SetUID. Permissions are set by the API based on the server’s configuration.
3. CSS input is parsed and normalized into a complex multidimensional array. This is how CTC is able to cross-tabulate the style data in many different ways. This data is then serialized using the WordPress Options API. These arrays are validated before writing and after reading.
4. CTC does not use inline styles like many other CSS plugins. Instead, it constructs the CSS file from the configuration data array. This file is then linked as a stylesheet during the wp_head() function.
5. CTC does not use its own file editor. If available, it sends the user to the WordPress Theme Editor (under the Appearance menu).
6. CTC uses the WordPress upload and sideload functions to process image file transfers.
In general, CTC is as secure as any other part of the WordPress admin.
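Added example, not part of the reply above and not CTC's own code: a sketch of how the pattern in points 1 and 2 (nonce check, install_themes capability check, write through the Filesystem API) typically looks in a plugin's AJAX handler. The action name, nonce action, POST field names and the target file name are hypothetical.

```php
<?php
// Hypothetical AJAX action; WordPress only fires wp_ajax_* hooks for logged-in users.
add_action( 'wp_ajax_example_save_css', 'example_save_css' );

function example_save_css() {
    // Point 1a: the request must carry a valid nonce for this action in the
    // 'nonce' field. On failure check_ajax_referer() ends the request itself.
    check_ajax_referer( 'example_save_css', 'nonce' );

    // Point 1b: the nonce proves intent, not privilege, so the capability
    // is checked separately.
    if ( ! current_user_can( 'install_themes' ) ) {
        wp_send_json_error( 'Insufficient permissions', 403 );
    }

    // Minimal input handling for the sketch. The reply describes parsing and
    // validating CSS into an array, which is not reproduced here.
    $css = isset( $_POST['css'] ) ? wp_strip_all_tags( wp_unslash( $_POST['css'] ) ) : '';

    // Point 2: write through the Filesystem API instead of file_put_contents().
    require_once ABSPATH . 'wp-admin/includes/file.php';

    // request_filesystem_credentials() prints a form when the server needs
    // FTP/SSH credentials; buffer that output so the JSON response stays clean.
    ob_start();
    $creds = request_filesystem_credentials( '' );
    ob_end_clean();

    if ( false === $creds || ! WP_Filesystem( $creds ) ) {
        wp_send_json_error( 'Filesystem credentials required', 403 );
    }

    global $wp_filesystem;

    // Map the local theme path to the path the chosen transport sees.
    $dir = $wp_filesystem->find_folder( get_stylesheet_directory() );
    if ( ! $dir ) {
        wp_send_json_error( 'Theme directory not reachable', 500 );
    }

    // FS_CHMOD_FILE is the file mode WordPress derives from the server setup.
    $ok = $wp_filesystem->put_contents( $dir . 'example.css', $css, FS_CHMOD_FILE );

    $ok ? wp_send_json_success() : wp_send_json_error( 'Write failed', 500 );
}
```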
Great answer! Thank you very much for such thorough info. I can see you are doing things the right way, which is always good to see.
Thank you again!
Regards,
Oliver