[pmwiki-users] Security questions

The Editor editor at fast.st
Thu Sep 28 12:39:41 CDT 2006

Just a couple questions.  Only one on security actually.

I'm wanting to dataproof form submissions to prevent harmful things
from being posted to a page through a form.  I'm using WritePage to
save the page, and was wondering if I needed any further precautions?
I was wondering if the data is save in some kind of coded from to be
unoperational, when it is retrieved and displayed in a page (through
Readpage), is it decoded?  So that a malicious person might be able to
introduce something into it?

I have a plan for a mechanism to prevent this but wasn't sure what
potential vulnerabilities there might be to watch out for.

Secondly, can anyone explain the difference between [==] and [@@].  I
need some kind of invisible delimiter for my logging functions and was
thinking one or the other might be useful.


More information about the pmwiki-users mailing list