Quote:
Originally Posted by Slice
This would cause apache logs to contain plaintext passwords and stuff!
|
Fixed that. Thanks again!
This is quite an important update, so please make sure you use this version if you care about security. See changelog first post:
Quote:
- 23/02/2011 (Important update!):
- Fixes:
- Security issues regarding hash values in Apache logs (Thanks to Slice!).
- PHP Code
- Adds:
- URL Encoding for string validating so hash values don't get messed up.
- Notes:
- Nothing has been changed about the syntax: after update, no need to change anything.
|