Chris Morgan
f05c05864e
Pass input arrays into GetOutputEditoValues() and CheckOutputEditorInput(). We don't want
classes to be hardcoded to read directly from $_REQUEST
2006-07-08 22:06:28 +00:00
Jonathan Ernst
735a2bc65f
Prefix all GPC variables according to our coding standard
2006-07-06 17:27:54 +00:00
Chris Morgan
fad9278013
Stop using compile_update_string(). compile_update_string() can be passed a value that includes a character considered
special by query_parameters(). We then use the output from compile_update_string() as a part of the first
parameter to query_parameters(), the format string. Having extra special characters causes a token mismatch
and query_parameters() will reject the queries entirely. Remove now unused compile_update_string().
2006-07-04 03:43:06 +00:00
Chris Morgan
245a6b993e
Cleanup User class. Move user related functions into class as static member functions
2006-06-29 15:54:29 +00:00
Chris Morgan
e3f9e5371a
Use query_parameters() in SQL select, update and delete statements to protect against
sql injection attacks
2006-06-27 19:16:27 +00:00
Chris Morgan
ac5b4b0a95
Warn if magic quotes is enabled and explain a bit about why we require that magic quotes
be disabled. Also remove all of the conditional code that was working around cases where
we had magic quotes enabled. We were only working around a small portion of cases where magic
quotes was affecting the appdb.
2006-06-26 00:44:44 +00:00
Chris Morgan
fb0f3b5dd3
Protect against sql injection attacks in sql INSERT statements
2006-06-24 04:20:32 +00:00
Chris Morgan
67550405c3
Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting.
2006-06-21 01:04:12 +00:00
EA Durbin
f982c8459e
Filter all user input to reduce the security impact of manipulated data
2006-06-17 06:10:10 +00:00
WineHQ
8f65897592
Chris Morgan
Only display testing results for applications that are not currently queued if the user isn't an admin.
2006-01-14 03:30:35 +00:00
Tony Lambregts
ba6e92d184
Lets users submit application testing results in a uniform and easy to process manner
2005-10-17 03:59:24 +00:00