Author: rvelices
Date: Sat Aug 23 03:18:13 2008
New Revision: 2484

URL: http://svn.gna.org/viewcvs/phpwebgallery?rev=2484&view=rev
Log:
merge r2483 from branch 1.7
- security fix : when conf['question_mark_in_urls']=true , 
$_SERVER['PATH_INFO'] was not sanitized against sql injection
- mysql errors are now dumped using trigger_error instead of echo and die -> 
allow admins to see later on if someone tries funny stuff

Modified:
    trunk/include/common.inc.php
    trunk/include/functions.inc.php


_______________________________________________
Phpwebgallery-cvs mailing list
Phpwebgallery-cvs@gna.org
https://mail.gna.org/listinfo/phpwebgallery-cvs

Reply via email to