Welcome to Geeklog Friday, December 03 2021 @ 01:55 am EST

Geeklog Forums

security issue ?


Status: offline

jolla

Forum User
Newbie
Registered: 24/09/03
Posts: 1
I noticed the following in geeklog; ... if ($reply == $LANG01[25]) { ... Is this a smart way to do it ? You're assuming the client/browser is 'honest'...
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 12/01/02
Posts: 13073
Location:Stuttgart, Germany
No, that is not a security issue. The first thing any Geeklog file (in public_html) does is to include lib-common.php, which in turn includes the language file, thus overwriting whatever you may have injected from the URL or in a POST request. bye, Dirk
 Quote

All times are EST. The time is now 01:55 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content