[pLog-svn] r6276 - in plog/branches/lifetype-1.2/class: data/validator misc template test/tests/misc

[Jon Daley]

On Sat, 29 Mar 2008, Jon Daley wrote:
> I just went to check to see how wordpress does it, and it turns out they are 
> significantly worse off than we are.  I'll file a bug with them. Perhaps my 
> attacker wasn't specifically attacking lifetype, but knew that lots of 
> resource uploaders don't work well in the validation department.
 	Ah.  Wordpress allows admins to upload php scripts (though they 
report an error and say that the file isn't uploaded), but don't allow 
other users to do so.  Not so critical.  I can't figure out where to 
report a bug for wordpress though.