Le Mardi 26 Septembre 2006 23:59, Sylvain Beucler a écrit :
> > I dont understand how it would give the user a way to kill anything.
>
> The code unsets all variables that the user passes via
> GET/POST. Therefore is the user passes a GET/POST variable that has
> the same name than a global variable otherwise used in Savane, the
> code will unregister it as well.
I thought about that and I added some cleanup to prevent the user to mess with
important variables ('sys_*' ones). I think there is no perfect solution but
this seems acceptable to me.
--
Mathieu Roy
| http://coleumes.org
_______________________________________________
Savane-dev mailing list
[email protected]
https://mail.gna.org/listinfo/savane-dev
