Originally by nkasioum (@kasioumis) on 2012-01-30
User input should be carefully washed and sanitized before being used and displayed, to avoid unexpected behavior and exploits. The same goes for DB functions' output.
Originally by Nikolaos Kasioumis email@example.com on 2012-02-10
#CommitTicketReference repository="" revision="3b12ca392b4ab70b9b3c8d997fcfbf1bcab7a12c"
WebBasket: many small fixes and improvements
- Replaces various dblayer functions that would return faulty values
due to GROUP_CONCAT with improved versions of them. Improves handling
and parsing of the values returned by the dblayer functions to create
the main WebBasket interface. Removes all calls of the eval() function
and replaces them with safer functions. Sanitizes user input coming
through GET and POST variables. Sanitizes special HTML characters.
- Improves creation of HTML Select form elements to be compatible with
all major browsers.
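As an added illustration, not code from this commit or from Invenio's own WebBasket module, the following Python sketch shows the kind of washing the commit describes: GET/POST values parsed into typed arguments, special HTML characters escaped before display, and ast.literal_eval plus a type check standing in for the removed eval() calls. The function names, the sample request arguments and the argument names are assumptions.

```python
import ast
import html

# Constructed sample of GET/POST values a WebBasket-style handler might
# receive (assumption: every value arrives as a plain string).
SAMPLE_ARGS = {
    "bskid": "42",
    "topic": "<script>alert(1)</script>Reading list",
    "recids": "[1, 2, 3]",
}


def wash_int(value, default=0):
    """Parse an integer request argument; fall back to default on garbage."""
    try:
        return int(value)
    except (TypeError, ValueError):
        return default


def wash_html(value):
    """Escape special HTML characters so a value can be displayed safely."""
    return html.escape(str(value), quote=True)


def parse_id_list(value):
    """Safer replacement for eval() on a request string.

    literal_eval only accepts Python literals (no calls, names or imports),
    and the result is further restricted to a list of integers.
    """
    try:
        parsed = ast.literal_eval(value)
    except (ValueError, SyntaxError):
        return []
    if not isinstance(parsed, list):
        return []
    return [x for x in parsed if isinstance(x, int)]


def wash_request(args):
    """Return a washed copy of the request arguments the handler uses."""
    return {
        "bskid": wash_int(args.get("bskid")),
        "topic": wash_html(args.get("topic", "")),
        "recids": parse_id_list(args.get("recids", "[]")),
    }
```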
Originally by Nikolaos Kasioumis firstname.lastname@example.org on 2012-08-09