Welcome to Geeklog, Anonymous Tuesday, September 26 2023 @ 11:39 am EDT

Geeklog Forums

security issue ?

Status: offline


Forum User
Registered: 09/24/03
Posts: 1
I noticed the following in geeklog; ... if ($reply == $LANG01[25]) { ... Is this a smart way to do it ? You're assuming the client/browser is 'honest'...

Status: offline


Site Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
No, that is not a security issue. The first thing any Geeklog file (in public_html) does is to include lib-common.php, which in turn includes the language file, thus overwriting whatever you may have injected from the URL or in a POST request. bye, Dirk

All times are EDT. The time is now 11:39 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content