Francis Gulota
Forum Replies Created
-
Forum: Requests and Feedback
In reply to: Version 3.0 Features- Better multiple domain support from MU – including subdomain support like ‘www’
- Cleanup of MU’s interfaces – I recently started using it and it’s confusing as hell compared to the rest of wordpress
- Better media support for pictures and videos – but mainly pictures
- some refactoring of the database to improve it’s performance and scalability – a little cleanup could go a *LONG* way
Make sure open short tags is enabled with your php – it’s currently a requirement
Forum: Plugins
In reply to: [Plugin: Business Directory] Directory Plugin Doesn’t WorkShort tags are still not good practice.
http://stackoverflow.com/questions/200640/are-php-short-tags-acceptable-to-use
The latest version fixes the javascript xss bugs, and no longer suffers from any sql injection attacks. I’m running it right now. They use php short tags, fixing that is my last quip, but it’s not a security risk in the slightest.
Hey, I did reply to your email and your old version of your plugin was riddled with security holes. So don’t question my motives beyond wanting to run a secure server.
I haven’t yet tested your new one. If you’ve removed where you used pregreplace to escape ‘s with \’ in javascript strings and if you properly escaped your sql inputs then I’m sure your plugin is much much safer. I’ll confirm that wordpress security team contacted you. I’ll look at it closer and then give my opinion.
Just to note, you still have a bunch of problems with your new version.