well, a common practice in programming is that comments are valid for lines following below. Just check which line is below the comment you mentioned and you might get an idea.
In practice it is more or less obsolete since this should only be required if the ini entry "register_globals" is enabled. But in this case the unmodified p.mapper will exit and display an error message. In addition, for code insertion via URL's it is required to have other ini settings active that are not recommended. Just google for "p.mapper security" and you will end up at at a section of the quick install instructions which I assume everybody setting up a site with p.mapper will read. armin On 28/05/2011 13:44, Andreas Douvalis wrote: > Hi > > At the beginning of many files (including map_default.phtml and > map_uilayout.phtml) there is one comment : > > // prevent XSS > > I suppose that the above comment means that we should add functions for > avoiding xss attacks. > That means that pmapper has > not developed any special function for the above issue and Users have to > develop their functions. > Am I right? > ------------------------------------------------------------------------------ > vRanger cuts backup time in half-while increasing security. > With the market-leading solution for virtual backup and recovery, > you get blazing-fast, flexible, and affordable data protection. > Download your free trial now. > http://p.sf.net/sfu/quest-d2dcopy1 > _______________________________________________ > pmapper-users mailing list > pmapper-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/pmapper-users ------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1 _______________________________________________ pmapper-users mailing list pmapper-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/pmapper-users
