kito2
www.masteria.net
I saw the updates on the latest revs (243--) but they are still useless, I got hacked before the update and now after the update... What is going on?
Latest released version is 1.0.1 based on rev 190, and it's NOT affected by this bug. It just tell you that latest development rev is insecure, and thats rather common. Don't use SVN versions if you want security and stability.lol to everyone that EXPECT modern/gesior to be safe..
Make you own fucking site if you want to be safe, don't expect to get a FREE page and it will be safe.... never expect that!...
Don't delete by group_id, but access. If you want a permanent fix then just remove the shuffolding from controllers/admin.php if you don't need it (people with phpmyadmin don't really need it).
Latest released version is 1.0.1 based on rev 190, and it's NOT affected by this bug. It just tell you that latest development rev is insecure, and thats rather common. Don't use SVN versions if you want security and stability.
ModernAAC won't be a donor only thing, and why should ModernAAC get a piece of the donations at all since TFS don't?
Yea, we already remove alot of injection methods etc. Previously we add slashes to all post things, but it caused problems with POT features.Isn't there http://www.google.nl/search?hl=nl&&...pm3wL0F&ved=0CB0QvwUoAQ&q=possibility&spell=1a possibility to check every $_GET and $_POST for its contents, trim em and return em as $getoutput['name'] or $postoutput['name'].
Than with new scripts users can just use the $getoutput and $postoutput for their query's etc.
Just an idea I think would be possible.
I thought that TFS receive a % of the donations :S