This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Sanitize some request variables
SecretR committed Jun 27, 2014
1 parent 072eeb5, commit f80e417
Showing 1 changed file with 10 additions and 0 deletions.
Does PHP 5 have a better way of doing this?
filter_var() and filter_input() are the options, but it's more a matter of using a standard routine and securing the inputs in a centralized way - e.g. admin UI.
What release has this security patch?
Use the latest files from GitHub; they contain the most up-to-date files. You can easily download the zip file using the download button on the right-hand side of the main page.
This commit is not included in any release yet, as there haven't been any releases since alpha2, which was released very recently.
@Moc I'm developing pyfiscan-tool https://github.com/fgeek/pyfiscan to help detect non-updated web software. It would make it a lot easier to communicate with end-users when there is an actual release. Do you know when alpha3 is out?
@fgeek the releases are communicated through multiple channels: the GitHub releases page, the news and blog items on the e107 website as well as the social media channels. The alpha3 release will take a while (hopefully in a month or two). Unless there is a major security issue (this one was quite minor).