Merge commit 'jerome/security-fixes'
ab522e2dcce5
Actions

Authored by Tibor Simko <tibor.simko@cern.ch> on Sep 26 2008, 10:29.

Description

Merge commit 'jerome/security-fixes'

Committed

Tibor Simko <tibor.simko@cern.ch>

Sep 26 2008, 10:29

Parents

Branches

Unknown

Tags

Unknown

Tibor Simko <tibor.simko@cern.ch> committed R3600:ab522e2dcce5: Merge commit 'jerome/security-fixes' (authored by Tibor Simko <tibor.simko@cern.ch>).Sep 26 2008, 10:29

Commit	Author	Details	Committed
708346ecd4d0	Jerome Caffaro	Improved checking of authorization when adding record to a basket.	Sep 26 2008
3bf297a38c8c	Jerome Caffaro	Properly escape user-defined values to avoid XSS.	Sep 26 2008
97ec34236d0f	Jerome Caffaro	Properly escape parameters of SQL statements.	Sep 26 2008

				Path
	M			modules/webalert/lib/webalert.py
	M			modules/webalert/lib/webalert_templates.py
	M			modules/webbasket/lib/webbasket.py
	M			modules/webbasket/lib/webbasket_config.py
	M			modules/webbasket/lib/webbasket_dblayer.py
	M			modules/webcomment/lib/webcomment.py
	M			modules/websession/lib/webgroup_dblayer.py