WordPress’s idea of SQL injection security: addslashes: I found this post while I was in the middle of wrestling with this, exact problem and it was driving me nuts, so I’m sympathetic to this guy’s plight. And he puts it so well.
I’ve decided to launch a whole new category here on wonko.com. I’m calling it Crappy Code. Whenever I come across a really crappy piece of code in an open source application, I’ll write a cantankerous, insult-laden post all about how crappy it is and then, when applicable, I’ll offer up a suggestion for improving said code.
[…] If I had to list all the things I hate about WordPress, I’d probably kill myself instead. But here’s an example of the sorts of things that might be on that list if my suicide attempt were to fail:
[…] Nobody who uses WordPress actually gives a sh*t about how crappy the code is, so it’s insanely popular. Wound: check. Salt: check.
WordPress makes me laugh. It’s so…fun to use; you can get things done really, really quickly; and it’s popular like crazy. But let’s just admit that the WordPress codebase is the stuff of nightmares. Every once in a while, I look at something in there and say…WTF?
WordPress is like that guy you knew in college that was a blast to hang out with, but that did the craziest stuff when he got drunk. You just had to shake your head sometimes, but whenever he called to go to the bar, you never said no.