event_list.php

Radu Wed, 15 Oct 2008 17:38:41 -0700

Author: rvelices
Date: Thu Oct 16 02:38:26 2008
New Revision: 2757

URL: http://svn.gna.org/viewcvs/phpwebgallery?rev=2757&view=rev
Log:
merge 2755 and 2756 from branch 2.0 to trunk
- 2755 fix vulnerability http://www.milw0rm.com/exploits/6755
- 2756 security paranoia: protect session/remember me cookies from XSS attacks 
(works only if php>=5.2 and with IE/FF maybe others)


Modified:
    trunk/comments.php
    trunk/include/functions_session.inc.php
    trunk/include/functions_user.inc.php
    trunk/include/user.inc.php
    trunk/include/ws_functions.inc.php
    trunk/plugins/event_tracer/event_list.php


_______________________________________________
Phpwebgallery-cvs mailing list
Phpwebgallery-cvs@gna.org
https://mail.gna.org/listinfo/phpwebgallery-cvs

[Phpwebgallery-cvs] r2757 - in /trunk: comments.php include/functions_session.inc.php include/functions_user.inc.php include/user.inc.php include/ws_functions.inc.php plugins/event_tracer/event_list.php

Reply via email to