Saturday, 20 December 2014 09:45

Secure coding practice

Report Xmap bugs on this forum.

Secure coding practice

Postby doorknob » Fri Nov 07, 2008 1:25 pm

I've been examining all of the components in my development site for security vulnerabilities, specifically whether variables (rather than constants) are used in include() statements because these represent a potential security vulnerability.
Your code makes use of a global variable in this way. It does appear to be secure because it is set without using variables just before it is used (or I would be contacting you privately) but can I request that you change to using a constant instead of a global variable ($xmapComponentPath) so that we can all be more confident.
Junior Boarder
Junior Boarder
Posts: 27
Joined: Thu Aug 07, 2008 9:30 pm

Return to Bugs

Who is online

Users browsing this forum: No registered users and 2 guests