Bugs found #13

Open
GoogleCodeExporter opened this issue Jan 1, 2016 · 0 comments


@GoogleCodeExporter

SVN revision: 43

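1. my.php L.43 does not check whether the user is logged in, but uses $cyask_uid directly.

2. Everywhere the code handles $cyask_uid and $cyask_user, no processing is done on them and they are used directly.
   If the user is not logged in and the code does no login check, this will directly cause a program error.

3. The problem described in item 2 is a very serious security risk. Regarding MySQL.. -_-!!

4. cyaskeditor/CyaskEditor_gbk.js L.386: the method used to get the iframe document object has a compatibility problem. I suggest changing it to document.getElementById('CyaskEditorForm').contentWindow.document; which is compatible with both IE and Firefox.

Finally, I admire the contribution you have made.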

Original issue reported on code.google.com by wmaing@gmail.com on 23 Jul 2008 at 3:24
