1
Bug Fixes & Patches / Re: [1.7.1 / 1.7.2] Security fix for SQL injection in session.php
« on: June 26, 2006, 11:20:25 PM »
sir,
i just downloaded new version but seems the text required to change in the first post of this thread is not yet implemented, i can find the
"$this->session_id = preg_replace('/[^a-z0-9]+/i', '', session_id());" in the session file included in the zip file i just downloaded.
one of my firends gallery hosted by me has 1000's of xxx comments for his personal photo graphs.
any suggestions to fix it.
regards,
amod
i just downloaded new version but seems the text required to change in the first post of this thread is not yet implemented, i can find the
"$this->session_id = preg_replace('/[^a-z0-9]+/i', '', session_id());" in the session file included in the zip file i just downloaded.
one of my firends gallery hosted by me has 1000's of xxx comments for his personal photo graphs.
any suggestions to fix it.
regards,
amod