[pLog-svn] r3682 - plog/trunk/class/action

Ammar Ibrahim ammar.ibrahim at gmail.com
Tue Jul 4 13:27:14 GMT 2006


PHP Security Scanner. http://securityscanner.lostfiles.de/

I beleive that the release that will be based on PHP5 of LifeType should
filter using PECL Filter.

Ammar



On 7/3/06, Oscar Renalias <oscar at renalias.net> wrote:
>
> We should at least review all the code under class/action/ and make
> sure that all the data loaded from the request is properly validated.
> I will try to take a look.
>
> On 7/3/06, Mark Wu <markplace at gmail.com> wrote:
> > Hi Oscar:
> >
> > I have no idea how to do this easily, maybe review all the codes...
> >
> > Or we can ask Ramos how he found these bugs. I believe the "hackers"
> must
> > have some intelligence ways to do this. :)
> >
> > Mark
> >
> > > -----Original Message-----
> > > From: plog-svn-bounces at devel.lifetype.net
> > > [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
> > > Oscar Renalias
> > > Sent: Tuesday, July 04, 2006 3:53 AM
> > > To: plog-svn at devel.lifetype.net
> > > Subject: Re: [pLog-svn] r3682 - plog/trunk/class/action
> > >
> > > Is there any chance we can track down and validate all other
> > > input variables that we're using in the code?
> > >
> > > Oscar
> > > _______________________________________________
> > > pLog-svn mailing list
> > > pLog-svn at devel.lifetype.net
> > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://devel.lifetype.net/mailman/listinfo/plog-svn
> >
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http:// devel.lifetype.net/pipermail/plog-svn/attachments/20060704/33f20406/attachment.html


More information about the pLog-svn mailing list