More than two years ago, I wrote a scathing, obscenity-filled tirade about WordPress's misuse of addslashes() to escape user-supplied strings used in SQL queries.
Lots of people posted comments. Some said I was being pedantic, some said I was downright wrong, and one person linked to a diff showing a fix that was supposedly going to be in the next release.
Apparently they never got around to releasing that fix.
Comments
You turned me off from Wordpress...
I must say, your Tirade did cause me (in part) to give up using WordPress, mainly for the same reasons you did.
If only a very talented coder would release their blogging engine, then perhaps people would have an alternative. ;P
Re: You turned me off from Wordpress...
cough, cough
Real Escape String?
addslashes() is so dangerous. Rumor had it not too long ago, one fateful (ostracized) core developer was working on a Taint mode for PHP. Link pn PHP patch for taint mode while the previous link is not stable enough, at least people are working towards getting "you did something really bad" support.
I can't stand wordpress
I decided to install wordpress because yahoo is connected with them and I thought it would be cool to have a blog attached to my website, this way I could help more people, alas… I was soooo wrong.
Assuming it be as easy as yahoo’s software is to design pages, little did I know, wordpress is a complete opposite, it’s a disaster. I spent days trying to post my blog, designed pages installed several different themes thinking one of the themes is the problem. My pages I took time to type and create never display, once my first page displayed but none of the links worked. When I clicked on the link of any page a window popped up and said this url is invalid and can not be loaded. OK so I tried something else, and something else, I tried to rearange and change categories and what not, still nothing, now I am back to white page instead of my welcome page. I posted a question on their forum, no help, then it disappeared from the forum. I hate them. To me a company is only and always as good as their customer service. Wordpress customer service is non existent. I will not deal with them ever again and I will tell anyone who asks, don’t start it unless you know codeing and that if they want to start it and never finish because there will be no help, never at all, then go ahead… I recommend companies and products I know are good, I will never recommend anything that I know will hurt or upset people. I treat this in a way as representing my good name… if anyone trusts me and knows me, I will never stir them in the wrong direction…. wordpress is the worst program I have ever tried.
boo Wordpress
I agree completely. Wordpress is not what I want. Not a good experience.