[pLog-svn] today's notes about validation
Jon Daley
plogworld at jon.limedaley.com
Sat May 24 15:24:14 EDT 2008
I have looked through the public facing actions and they are all set, with
the below exceptions/things to look into further.
I am done for today, but the admin side needs to be done as well as the
views for public and admin. It is possible/likely that the current admin
code will have some issues in some places where html is being filtered out
incorrectly. I'll find it in the next couple days if someone else doesn't
beat me to the task of going through all of the admin actions.
templateaction: passes whole request to view
searchengine searches drafts too when not using fulltext
blogaction needs to validate the blogId,blogname,userid,username,blogdomain fields
addcommentaction uses HttpVars::getRequest() need to look into that
more. allows html, need to verify the filters are getting rid
of javascript, etc. I believe they are.
adminaddresourcealbumaction: Why was _form->registerField used?
More information about the pLog-svn
mailing list