Tag Archives: database

WordPress Database Errors and the Post Hoc Fallacy

by Austin Matzko on April 10, 2008 at 3:48 pm

Glenn Reynolds at Instapundit mentioned WordPress today in not-so-flattering terms (emphasis added): LIEBERMAN CAMPAIGN CRASHED OWN WEBSITE: “The server that hosted the joe2006.com Web site failed because it was overutilized and misconfigured.” That’s like when people send me a link to their underpowered WordPress blog, then it produces a “Database Error” message when too many […]

Posted in Users | Also tagged , | Add your comment

Protecting WordPress from SQL Injection Attacks

by Austin Matzko on January 23, 2008 at 1:31 pm

David Kierznowski at BlogSecurity suggests that WordPress is “insecure by design.” What he means is that in general WordPress does not sanitize MySQL queries. He recommends that WordPress provide “a proper set of SQL safe functions (i.e. $wpdb->escape_int and $wpdb->escape_str” and “use mysql_real_escape_string(), and have clearly defined coding standards and security policies” like Drupal does. […]

Posted in Security | Also tagged , | Read the 5 comments