undefined | Better HN

0 pointsAmericanChopper7y ago0 comments

Right, so you actually have absolutely nothing to say about the quality of wpdb.

My point stands. The worst problems in Wordpress are the plugin ecosystem and poorly maintained instances.

0 comments

Just because you choose to ignore valid criticism, that doesnt mean there is no criticism.

Go read https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb...

A couple of little snippets to highlight the point I'm trying to make:

> The current system is insecure-by-design. That doesn’t mean it’s always hackable, but it means you have to actively work to make it not attackable. It’s better to switch to a design that’s secure-by-default and make the insecure the exceptional case.

> The best path forward would be to switch to PDO/MySQLi and use real prepared statements and not emulate them in PHP land. That’s the best path forward.

But given that the core wordpress team basically ignore this type of suggestion from PHP core contributors, why would I expect you to believe me about it here?

j / k navigate · click thread line to collapse