Posted on: 10/08/03 02:14am
By: jolla
I noticed the following in geeklog;
...
if ($reply == $LANG01[25]) {
...
Is this a smart way to do it ? You're assuming the client/browser is 'honest'...
Re:security issue ?
Posted on: 10/09/03 03:55pm
By: Dirk
No, that is not a security issue. The first thing any Geeklog file (in public_html) does is to include lib-common.php, which in turn includes the language file, thus overwriting whatever you may have injected from the URL or in a POST request.
bye, Dirk