* Posts by uptoeleven

3 posts • joined 8 Nov 2017

'World's favorite airline' favorite among hackers: British Airways site, app hacked for two weeks


"App" isn't really an app...

As a BA Exec Club member - I get to use their "app" all the time. It's basically a viewer for a bunch of HTML pages / forms - although (helpfully) not all cookies are shared with your browser so you have to log back in again, or just use their site. Nothing that can't be done more efficiently on the site itself, other than downloading boarding passes.

As I won't be back in the UK for a couple of weeks I've now had to move all my funds out of the account to which the card was attached, and cancel the card for my business banking which means I'm now relying on backup, personal cards for business expenses and transferring between accounts.

Microsoft commits: We're buying GitHub for $7.5 beeeeeeellion


Re: @Harley

> I've been writing books since I was an infant, I have been published in 47 languages, and still some cunts get my name wrong.

Now you're just (fly)-fishing for sympathy...

WordPress has adverse reaction to Facebook's React.js licence


Re: To Address a Few of the Misconceptions about WordPress

I have also used and supported WordPress, Joomla (and Mambo back in the day), Drupal including Drupal 8, Magento, CMSMS and custom CMSes and yes - WP is easy for authors and site admins to learn to use.

I am also a PHP developer, mostly in Symfony but other frameworks exist. And, because I am a PHP developer, I use a good IDE (PhpStorm, but other IDEs exist) and with Xdebug I can see the hundreds and hundreds of globals that WordPress creates and uses. As someone who has written WP themes and plugins, I've had to fight with these many and varied globals, not least because they prevent me from easily creating unit tests for the code I've written. And this is because although WP may be very widely used, and very easy for admins and editors to use, under the hood it's a bag of bolts.

Worse than that - a dreadfully insecure, difficult to lock down, poorly engineered bag of bolts that has myriad built-in vulns and exploits.

And while we're at it anything that needs to make 100 db calls to generate a page is doing something wrong.

And any system with such a poor separation of concerns does not deserve to have the kind of support WP has (SQL code inside PHP code with HTML and JS all in the same file? That is poor separation of concerns).

WordPress is a blogging platform that has been repurposed as a CMS without any of the functionality or organisation or security that a CMS should have. It's a liability and I try to avoid it at all costs.


Biting the hand that feeds IT © 1998–2019