PHP snippets (once again): msg#00037

php.drupal.documentation

Subject: PHP snippets (once again)

Dear doc team,

I looked at several snippets yesterday and to my horror many of them contain *obvious*, major security holes. I've spoken with the leader of the security team (chx) and we agreed to unpublish all obviously insecure snippets, then have a discussion based on numbers (ok vs. not ok) and how to proceed.

In the limited sample set I've reviewed until now > 50% of the snippets either

- bypass 'access' security (sometimes titles, sometimes full nodes)
- allow XSS
- allow SQL injection
- allow a combination of the above

Regards,

Heine

PS Should we decide to continue with php snippets in this way, I'll also be the one to publish them again :(
--
Pending work: http://drupal.org/project/issues/documentation/
List archives: http://lists.drupal.org/pipermail/documentation/
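The three classes Heine lists (node access bypass, XSS, SQL injection) are easiest to see side by side. The following is an added example written for this page, not code from the post or from any of the published snippets: a hypothetical "recent nodes by user" block in the insecure style, and a hardened version. It assumes the Drupal 5/6-era procedural API (db_query, db_query_range, db_rewrite_sql, node_load, node_access, l, theme) that snippets of that period used; the block, function names and the `uid` query parameter are invented for illustration.

```php
<?php
// Added example, not from the mailing-list post or from any published snippet.
// Assumes the Drupal 5/6 procedural API; function and block names are hypothetical.

// ---- Insecure form: shows all three problem classes from the post ----
// $_GET['uid'] is the (constructed) untrusted input a site builder might read
// straight from the URL inside a PHP-enabled block.
function recent_nodes_block_insecure() {
  $uid = $_GET['uid'];
  // 1. SQL injection: $uid is interpolated into the query unescaped, so
  //    ?uid=1 UNION SELECT uid, pass FROM users is a valid query.
  // 2. Access bypass: selecting from {node} directly ignores node_access
  //    restrictions and returns unpublished (status = 0) nodes as well.
  $result = db_query("SELECT nid, title FROM {node} WHERE uid = $uid ORDER BY created DESC LIMIT 5");
  $output = '';
  while ($row = db_fetch_object($result)) {
    // 3. XSS: the title is printed raw, so a title containing <script>
    //    runs in the browser of everyone who sees the block.
    $output .= '<li><a href="/node/' . $row->nid . '">' . $row->title . '</a></li>';
  }
  return '<ul>' . $output . '</ul>';
}

// ---- Hardened form ----
function recent_nodes_block_secure() {
  // Cast to int and bind with a %d placeholder: the value cannot leave the
  // numeric context of the query.
  $uid = isset($_GET['uid']) ? (int) $_GET['uid'] : 0;
  // db_rewrite_sql() appends the node_access joins and conditions for the
  // current user (the node table must be aliased as n); status = 1 drops
  // unpublished nodes. db_query_range() takes the bound args, then offset, count.
  $sql = "SELECT n.nid FROM {node} n WHERE n.uid = %d AND n.status = 1 ORDER BY n.created DESC";
  $result = db_query_range(db_rewrite_sql($sql), $uid, 0, 5);
  $items = array();
  while ($row = db_fetch_object($result)) {
    // Re-check per node: node_access() also consults hook_access() of the
    // node type module, which the SQL rewrite alone does not.
    $node = node_load($row->nid);
    if ($node && node_access('view', $node)) {
      // l() passes the link text through check_plain(), so the title is
      // HTML-escaped before it reaches the page.
      $items[] = l($node->title, 'node/' . $node->nid);
    }
  }
  return theme('item_list', $items);
}
```

The points to check when reviewing a snippet are the same three: every value that reaches SQL goes through a placeholder, every query against {node} goes through db_rewrite_sql() or a node_access() check, and every user-supplied string goes through check_plain() (or a helper such as l() that calls it) before output.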
