Jonathan Ernst
735a2bc65f
Prefix all GPC variables according to our coding standard
2006-07-06 17:27:54 +00:00
Chris Morgan
fad9278013
Stop using compile_update_string(). compile_update_string() can be passed a value that includes a character considered
special by query_parameters(). We then use the output from compile_update_string() as a part of the first
parameter to query_parameters(), the format string. Having extra special characters causes a token mismatch
and query_parameters() will reject the queries entirely. Remove now unused compile_update_string().
2006-07-04 03:43:06 +00:00
Chris Morgan
034ea689bc
Clean up application and version classes. Move class related functions into the class as static member functions
2006-06-29 16:07:19 +00:00
Chris Morgan
245a6b993e
Cleanup User class. Move user related functions into class as static member functions
2006-06-29 15:54:29 +00:00
Chris Morgan
e3f9e5371a
Use query_parameters() in SQL select, update and delete statements to protect against
sql injection attacks
2006-06-27 19:16:27 +00:00
Chris Morgan
fb0f3b5dd3
Protect against sql injection attacks in sql INSERT statements
2006-06-24 04:20:32 +00:00
EA Durbin
f982c8459e
Filter all user input to reduce the security impact of manipulated data
2006-06-17 06:10:10 +00:00
Tony Lambregts
cc286b6375
Add bug number to bug link emails. Fixes bug 4358.
2006-01-23 02:13:47 +00:00
Tony Lambregts
2311d4d572
Add the ability for user to monitor changes to applications
2005-09-30 01:55:51 +00:00
Tony Lambregts
fc2c9afdbc
Use the correct (non-capitalized) name for resolution
2005-08-13 01:54:15 +00:00
Tony Lambregts
6a8f8737f0
Add missing </form> to view_version_bugs()
2005-07-30 03:15:50 +00:00
Tony Lambregts
d71c45937e
Hack a fix for "$this->iLinkId = mysql_insert_id();" not working
and other cleanups.
2005-07-16 20:02:17 +00:00
Tony Lambregts
d42e47bd68
Create the buglink object
2005-07-13 01:13:46 +00:00