We don't do any input checking on the $id's we receive. We should. Function should check that the $id is twenty characters long, and consists of alphanumerics only. It should return 0 on failure, and 1 on success. It should also be used in almost every function that accepts an $id as a parameter. Which is, like, all of 'em, g-thang.

Comments

sreynen’s picture

sreynen commented
Status: Active » Closed (fixed)

As the project is dead, we might as well close the issues so they don't show up in the open issue queue.