git.mjollnir.org Git - moodle.git/commit

]> git.mjollnir.org Git - moodle.git/commit

author	skodak <skodak>
	Sun, 16 Sep 2007 20:19:19 +0000 (20:19 +0000)
committer	skodak <skodak>
	Sun, 16 Sep 2007 20:19:19 +0000 (20:19 +0000)
commit	70e9b59d228face74faea3f9440a48a4092c76bc
tree	9f35c9e7f0a7007a35df4e56dde0f16136d35bab	tree \| snapshot
parent	d371392a7be7ccb03dc589977e01f3a156661cdf	commit \| diff

MDL-11300
1/ potential sql injection through tag types - missing param type + can add new types + usually no addslashes before update of tags
2/ paging does not work at all
3/ missing param type definitions
4/ not xhtml strict compliant
5/ CSRF - missing sesskey checks
6/ UI code in tag/lib.php - should be in manage.php or other file
7/ missing localization of types - default/standard

lang/en_utf8/tag.php		diff \| blob \| history
tag/lib.php		diff \| blob \| history
tag/manage.php		diff \| blob \| history

Unnamed repository; edit this file to name it for gitweb.

RSS Atom