Re: PHP snippets (once again)

>> How about a write page called common security flaws in snippets.
> http://drupal.org/node/62304
> --
> Pending work: http://drupal.org/project/issues/documentation/
> List archives: http://lists.drupal.org/pipermail/documentation/
>

It would be cool if we had a workflow and you could indicate via a
checkbox whether you were submitting a snipplet, better yet detect it in
the text and then display a document that shows them common mistakes and
how to avoid them. Then after they've read the document they can continue
to submit them. In terms of the carrot approach, as Kieran is suggesting,
though I see it as a positive thing that we're not seen as overbearingly
controlling, the overbearing approach still leads to code that has been
over time very secure compared to some of the other major PHP-based web
applications. As such, I personally am against publishing code, even with
a warning, on Drupal.org that we know is flawed.

Best Regards,
Sami Khan
--
Pending work: http://drupal.org/project/issues/documentation/
List archives: http://lists.drupal.org/pipermail/documentation/