author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2006-11-03 03:29:04 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2006-11-03 03:29:04 +0000 |
commit | a8e7829404c763cd4f69abf602fc722a5ddf1c12 (patch) | |
tree | c68d42165cc3e914610f6cd170b9b3afb3b8e862 /Changelog | |
parent | e5e963a2cfa1ec6be3dbf670fa233f4a662ee2fe (diff) |
SQL Injection audit complete
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@475 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'Changelog')
-rw-r--r-- | Changelog | 9 |
1 files changed, 2 insertions, 7 deletions
@@ -9,14 +9,8 @@ Database: Security: * Added whitelist of allowed directories to file editor (Seneca) -* Audited OE.pm, AA.pm, and AM.pm for SQL injection problems. (Chris T) +* Audited All Perl Modules for SQL Injection attacks (Chris T) * Forced edited files to have whitelisted extensions and no .. strings (Chris T) -* Audited Form.pm for SQL-injection problems and move to new API (Chris T) -* Audited BP.pm, CA.pm, CT.pm for SQL injection and moved to new API. (Chris T) -* Audited IS.pm, GL.pm, IR.pm for SQL injection and moved to new API. (Chris T) -* Audited User.pm for SQL injection. (Chris T) -* Audited HR.pm, removed old, stale payroll code, moved to new API (Chris T) -* Audited OP.pm, PE,pm, JC.pm RC.pm, IC.pm and moved to new API (Chris T) Localization: * Moved localization files to standard codes (Seneca) @@ -41,6 +35,7 @@ Code Quality and API: * LedgerSMB::IC is aware of custom fields (Chris T) * LedgerSMB::PE is aware of custom fields (Chris T) * Testing suite added (Seneca) +* Moved all database calls to $form->{dbh} (CHris T) Packaging: * Added first version of rpm spec from Mads Kiilerich (Chris T) |
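Review bot: In the first hunk (Security section), the single replacement entry "Audited All Perl Modules for SQL Injection attacks" loses facts that the removed entries recorded: that Form.pm, BP.pm, CA.pm, CT.pm, IS.pm, GL.pm, IR.pm, HR.pm and the OP.pm group were moved to the new API, and that old, stale payroll code was removed from HR.pm. The payroll removal is a functional change rather than an audit result, so it deserves its own Changelog line. The wording would also be more accurate as "for SQL injection problems", as the removed lines had it, since an audit looks for injectable code paths rather than for attacks.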
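Review bot: In the second hunk (Code Quality and API section), the added line credits "(CHris T)" while every other entry in the visible context uses "(Chris T)"; fix the capitalisation so the attribution stays consistent and searchable.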