BugTraq
Back to list
|
Post reply
Re: Re: Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities
Aug 16 2010 08:35AM
Salvatore Fresta aka Drosophila (drosophilaxxx gmail com)
No, it isn't a good idea. You can use always Jrequest::getVar
specifing the type
(http://api.joomla.org/Joomla-Framework/Environment/JRequest.html#getVar
).
The allowed types are: INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64,
STRING, ARRAY, PATH.
Regards.
--
Salvatore Fresta aka Drosophila
http://www.salvatorefresta.net
CWNP444351
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
specifing the type
(http://api.joomla.org/Joomla-Framework/Environment/JRequest.html#getVar
).
The allowed types are: INT, FLOAT, BOOLEAN, WORD, ALNUM, CMD, BASE64,
STRING, ARRAY, PATH.
Regards.
--
Salvatore Fresta aka Drosophila
http://www.salvatorefresta.net
CWNP444351
[ reply ]