> At the time Drupal had a vague plan to move to a decent database > layer to reduce SQL injection attacks, but nothing more.
Just got back from Drupalcon in Paris. Have a look at.... http://www.archive.org/details/Drupal7StatusUpdateandNextSteps the sound is a bit rough but you should get something out of it. Drupal 7 is something different compared with previous attempts. DB layer issues fixed and PHP pass algorithm now in use. I suppose this doesn't plug all the holes but it's a step in the right direction :) -- Richard -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html