[OpenID] OpenID and WordPress
Jonathan Daugherty
cygnus at janrain.com
Thu Jan 11 17:55:17 UTC 2007
# Has anyone checked that code for SQL injection vulnerabilities?
#
# (For example, line 197 in openid_module looks scary, but maybe
# I'm missing something.)
Presuming Drupal's db_query() replaces placeholders with escaped data,
there's no injection vulnerability there.
--
Jonathan Daugherty
JanRain, Inc.
irc.freenode.net: cygnus in #openid
cygnus.myopenid.com
More information about the general
mailing list