[pmwiki-users] Security questions
editor at fast.st
Thu Sep 28 12:39:41 CDT 2006
Just a couple questions. Only one on security actually.
I'm wanting to dataproof form submissions to prevent harmful things
from being posted to a page through a form. I'm using WritePage to
save the page, and was wondering if I needed any further precautions?
I was wondering if the data is save in some kind of coded from to be
unoperational, when it is retrieved and displayed in a page (through
Readpage), is it decoded? So that a malicious person might be able to
introduce something into it?
I have a plan for a mechanism to prevent this but wasn't sure what
potential vulnerabilities there might be to watch out for.
Secondly, can anyone explain the difference between [==] and [@@]. I
need some kind of invisible delimiter for my logging functions and was
thinking one or the other might be useful.
More information about the pmwiki-users