security bug in PHP-server-1.1
Niels Berkers
niels at quotar.com
Wed Apr 11 10:56:47 PDT 2007
Jonathan Daugherty wrote:
> # for those who like to clean incomming content before your server is
> # hacked. The following code line 216 in common.php
>
> This patch will break the server. (Most notably, it will break OpenID
> authentication.) In particular, it will break whenever an input value
> is url-encoded differently than it will be by htmlentities().
>
at leased it is secure now :-(
More information about the Dev
mailing list