[dev] Re: [cvs] commit: imp/templates/compose compose.inc

Jan Schneider jan@horde.org
Tue, 14 May 2002 11:04:48 +0200

Previous message: [dev] Mailing list problems
Next message: [dev] Re: [cvs] commit: imp/templates/compose compose.inc
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Zitat von Michael M Slusarz <slusarz@bigworm.colorado.edu>:

> slusarz     2002/05/14 00:27:22 PDT
> 
>   Modified files:
>     templates/compose    compose.inc 
>   Log:
>   Merge after: 7
>   Save sent mail wasn't working correctly if the pref was locked.
>   Thanks to Paul (phancock@phxlib.org) for catching this.
>   
>   Revision  Changes    Path
>   2.154     +2 -0      imp/templates/compose/compose.inc

That's not the right place to fix it. Never trust a user input, and a 
hidden field is actually a user input as it can be faked. Fix it in 
compose.php.

Jan.

--
http://www.horde.org - The Horde Project
http://www.ammma.de - discover your knowledge
http://www.tip4all.de - Deine private Tippgemeinschaft

Previous message: [dev] Mailing list problems
Next message: [dev] Re: [cvs] commit: imp/templates/compose compose.inc
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]