search

adamdoupe / WackoPicko

WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
MIT License
328 stars 160 forks source link

Short tags used in the code #1

Closed francor closed 13 years ago

francor commented 14 years ago

Hi,

First, thank you for releasing the code from your application. I am working on testing web scanners, and your application is great for that.

The only thing is that you use a lot of short tags <?=variable?> in your code. This usage is now deprecated and for example in ArchLinux PHP installation, the short tags are Off by default.

I think is not a big deal to change it all to <?php echo(variable) ?>, unless there is something about this solution that changes the way the application works or is vulnerable.

BTW nice paper

adamdoupe commented 13 years ago

Thanks for pointing this out.

To preserve parity with the version used in the paper, I won't make any changes to the source, but I did add this to the "Known Issues" section.

Glad you liked the paper!