On 7 March 2016 at 17:06, Tatsuo Ishii <is...@postgresql.org> wrote:

> > * Only 24 open source projects are listed as interoperable.
> > Open Source Projects Using PostgreSQL
> > https://wiki.postgresql.org/wiki/OpenSource_Projects_Using_PostgreSQL
> It's pity that some very popular OSS projects do not care about
> PostgreSQL. WordPress is one of such OSS projects. Long time ago
> someone came up with "PostgreSQL plugin" but it didn't catch up
> WordPress releases and now cannot be used with the latest version of
> WordPress. In my understanding WordPress fixes security issues only
> with the latest version; as a result, we cannot use safe version of
> WordPress if we want to use PostgreSQL for its database engine.
> <http://www.postgresql.org/mailpref/pgsql-hackers>

The killer there was that the plugin could only alter queries used by
Wordpress core. Nobody just uses Wordpress core.  The whole reason
Wordpress became popular is the vast collection of plugins, themes, etc.
90% of which are written by three stoned monkeys who once saw a PHP 4
manual in a mirror, which is part of why it has such an appalling security
history. Plugins can just talk straight to the DB, and are written by
people who have never heard of parametrized queries or, half the time,

What makes it popular and successful is also what makes supporting Pg in a
way that'll actually see useful adoption hard.

 Craig Ringer                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services

Reply via email to