[CentOS-devel] forums + portal for {lang}.centos.org sites
Karanbir Singh
kbsingh at centos.org
Tue Sep 30 17:50:32 UTC 2008
Stephane Corlosquet wrote:
>> yes, and its things like this :
>>
>> http://drupal.org/node/313054
>>
>> which are quite scary.
>>
> This is what happens when you don't use the Drupal API
> <http://api.drupal.org/>, which saves the developers from having to
> worry about common security issues like XSS, CSRF, SQL injection etc. In
> that way it's very quick to evaluate the quality of a module: you just
> need to check whether they make good use of the API or not...
Surely this is the responsibility of the drupal devteam and not the
userbase to ensure stuff like this is not included. That specific module
was at some time distributed from the drupal.org website wasent it ?
I dont really want to sit here and audit every bit of code that is going
to come along with drupal. I'd much rather just plonk something together
in pylons, in perhaps a day or so that would give me a better match for
requirements.
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos at irc.freenode.net
More information about the CentOS-devel
mailing list