Upload dir, tables are bad
-
Hello
I change my uploads dir in “files” because WP allows it. But you hardcoded “/uploads” !
-> You have to use the correct WP way to find the real upload for this installtion.
Also you’re doing a “SHOW TABLES” and ALL my tables are saved, even for my other websites oO
-> You have a get only the tables from this installation
The backup action is not protected by a nonce token
-> Add one !
You are creating a hash using the plain text DB password, are you crazy ? a double md5 is not enought…
-> do not use DB pass, use a salt instead !
- The topic ‘Upload dir, tables are bad’ is closed to new replies.
