Author: rvelices
Date: Sat Aug 23 03:18:13 2008
New Revision: 2484
URL: http://svn.gna.org/viewcvs/phpwebgallery?rev=2484&view=rev
Log:
merge r2483 from branch 1.7
- security fix : when conf['question_mark_in_urls']=true ,
$_SERVER['PATH_INFO'] was not sanitized against sql injection
- mysql errors are now dumped using trigger_error instead of echo and die ->
allow admins to see later on if someone tries funny stuff
Modified:
trunk/include/common.inc.php
trunk/include/functions.inc.php
_______________________________________________
Phpwebgallery-cvs mailing list
[email protected]
https://mail.gna.org/listinfo/phpwebgallery-cvs
