Crafty Syntax Live Help

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • thinkliberty
    Junior Member
    • Dec 2004
    • 10

    Crafty Syntax Live Help

    There was a new release of CSLH www.cslh.com

    security fixes include

    - Globals are now deleted rather then extracted. Although no security holes have been found since version 2.7.3 due to globals extracted, a lot of requests have been made to delete Globals for more safty.

    - Re-wrote all SQL queries to not have integer values as strings.
    Security against sql interjection is now inforced by casting all expected integer values as integers using intval(). As always quotes are also escaped
    in varchar values before used in a query. However rather then using magic quotes the sql strings are quoted at time of use to ensure quotes are escaped.
Working...