Big bug–do not check comment’s code

  • I install wp2 and Travelogue Theme(https://www.podq.com/), but the comment page do not check comment’s code, if you input <?php and some, it will be translate into REAL executable code!!

    is this wp’s bug or the theme’s??

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Justso

    (@justso)

    and, it is Travelogue2, for example, I tried input below code to some comment input window, and then got all messed with it….

    yes, it also just is the original code of the foot.php:

    <?php if(function_exists(‘wp_pagenavi’)) { wp_pagenavi(); } ?>

    <div id=”footer”>
    <p>
    <?php bloginfo(‘name’); ?> running on
    WordPress

    Using the Travelogue Theme by Josh Lyman

    RSS: “>Entries
    & “>Comments.

    Atom: “>Entries.
    <!– <?php //echo $wpdb->num_queries; ?> queries. <?php //timer_stop(1); ?> seconds. –>
    </p>
    </div>

    </div>
    <?php do_action(‘wp_footer’); ?>

    Thread Starter Justso

    (@justso)

    Faint, here DOES NOT filter all html code too….. pls look above……

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Big bug–do not check comment’s code’ is closed to new replies.