Heine

Quiz

Why are these examples of dangerous code?

Heine — Thu, 09/10/2008 - 09:35

Just think about it for a minute before jumping to someone who has the first one right, or to Gordon, who nails them both.

Example I

function example_one($nid) {
  // Lots of code
  $node = node_load($nid);  
  // ...
  $user = user_load(array('uid' => $node->uid));
}

Example II

function example_two($account) {
  // ...
  $account = user_load(array('uid' => $uid));
}

Copyright © 2011 by Heine Deelstra. All rights reserved.