No announcement yet.

Crafty Syntax Live Help

  • Time
  • Show
Clear All
new posts

  • Crafty Syntax Live Help

    There was a new release of CSLH

    security fixes include

    - Globals are now deleted rather then extracted. Although no security holes have been found since version 2.7.3 due to globals extracted, a lot of requests have been made to delete Globals for more safty.

    - Re-wrote all SQL queries to not have integer values as strings.
    Security against sql interjection is now inforced by casting all expected integer values as integers using intval(). As always quotes are also escaped
    in varchar values before used in a query. However rather then using magic quotes the sql strings are quoted at time of use to ensure quotes are escaped.