[geeklog-devel] code scrubbing: stripslashes

Oliver Spiesshofer oliver at spiesshofer.com
Mon Aug 13 04:51:20 EDT 2007


With the changes done during some of the upgrades, I seriously doubt the
site will work if the upgrade of that file is not done.
Just take COM_createLink. Without that one, almost every page that creates
any kind of link crashes.

Oliver

Michael Jervis wrote:

> I think the /concept/ is right, doing an auto-and-correct stripslashes
> on all HTTP globals on start of the page. Obviously as noted the
> implementation is incorrect.
>
> Should be reasonably easy to clean up everything.
>
> Only problem is if someone badly upgrades their lib-common.php when
> upgrading, they may have a gaping hole in their security...
