[OpenID] OpenID and WordPress

Alf Eaton lists at hubmed.org
Thu Jan 11 22:05:06 UTC 2007


Jonathan Daugherty wrote:
> # Has anyone checked that code for SQL injection vulnerabilities?
> # 
> # (For example, line 197 in openid_module looks scary, but maybe 
> # I'm missing something.)
> 
> Presuming Drupal's db_query() replaces placeholders with escaped data,
> there's no injection vulnerability there.

It does, so there isn't.

alf.



More information about the general mailing list