[CentOS-devel] forums + portal for {lang}.centos.org sites

Tue Sep 30 17:50:32 UTC 2008
Karanbir Singh <kbsingh at centos.org>

Stephane Corlosquet wrote:
>> yes, and its things like this :
>> http://drupal.org/node/313054
>> which are quite scary.
> This is what happens when you don't use the Drupal API 
> <http://api.drupal.org/>, which saves the developers from having to 
> worry about common security issues like XSS, CSRF, SQL injection etc. In 
> that way it's very quick to evaluate the quality of a module: you just 
> need to check whether they make good use of the API or not...

Surely this is the responsibility of the drupal devteam and not the 
userbase to ensure stuff like this is not included. That specific module 
was at some time distributed from the drupal.org website wasent it ?

I dont really want to sit here and audit every bit of code that is going 
to come along with drupal. I'd much rather just plonk something together 
in pylons, in perhaps a day or so that would give me a better match for 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos at irc.freenode.net