get_col("DESC $table_name", 0) as $column ) { if ($debug) echo("checking $column == $column_name
"); if ($column == $column_name) { return true; } } //didn't find it try to create it. $q = $wpdb->query($create_ddl); // we cannot directly tell that whether this succeeded! foreach ($wpdb->get_col("DESC $table_name", 0) as $column ) { if ($column == $column_name) { return true; } } return false; } } function btc_altertable() { global $tablecomments; $sql = "ALTER TABLE $tablecomments ADD COLUMN comment_reply_ID INT NOT NULL DEFAULT 0;"; maybe_add_column($tablecomments, 'comment_reply_ID', $sql); } function btc_alter_comment($new_id) { global $tablecomments, $wpdb; $sql = "UPDATE $tablecomments SET comment_reply_ID=".$_POST['comment_reply_ID']." WHERE comment_ID = $new_id;"; $wpdb->query($sql); } function briansnestedcomments() { global $font_gets_smaller; if (!($withcomments) && ($single)) return; // You can safely delete the single line below if your threaded comments are up and running btc_altertable(); ?> Usable Security » 2006» June

Archive for June, 2006

Certificate Authorities and Accountability

Monday, June 19th, 2006

Phillip Hallam-Baker, Chief Scientist at VeriSign, just gave a talk in which, among other things, he stressed the importance of accountability by certificate authorities.  The argument is that users should see not only the logo and name of the sites they’re dealing with, but also the logo and name of the certificate issuer, so [...]

That’s why we have three of them!

Monday, June 19th, 2006

I’m at Stanford today attending a workshop on Trustworthy Interfaces for Passwords and Personal Information.  We’ve been looking at lots of examples of how fradulent websites try to steal your passwords, credit card numbers, and other juicy stuff.
George Staikos has just been showing us how the security indicators are inconsistent across various browsers — [...]