Daryll Doyle WordPress Development and Consultancy in Cornwall

ArchiveAugust 2015

How to allow SVG uploads in WordPress

By Daryll Doyle
In PHP, Rant, Security, SVG, WordPress
2 Min read
H

Don’t. Nope, stop. You developers/bloggers who keep passing the below code around as a valid way of allowing SVG uploads in WordPress are killing me inside. Yes, this will allow you to upload SVGs in WordPress, it will also allow someone to upload an XML Bomb or an SVG with an XXE attack or god forbid a lovely XSS attack. You see, too many developers are allowing SVG uploads without...

Read on

Why I hate the WordPress signup page

By Daryll Doyle
In PHP, WordPress
2 Min read
W

I’ve been working with WordPress multisite a lot recently and whilst all in all it’s not too bad, there is one thing that really pisses me off about it, wp-signup.php. No matter how many times I try and get my head round the contents of this file, I still struggle. It just seems like this file is a complete cluster-fuck of functions, html and css. On top of that, I feel there are...

Read on
Daryll Doyle WordPress Development and Consultancy in Cornwall