The Toolkit for Online Communities
18832 Community Members, 0 members online, 2157 visitors today
Log In Register
OpenACS Home : Forums : OpenACS Q&A : Stealing Email Addresses -3x : One Message

Forum OpenACS Q&A: Response to Stealing Email Addresses -3x

Posted by Stan Kaufman on
Have a look at http://www.ybos.net/doc/core-arch-guide/security-sql-smuggling.

Looks like this fix never made it into 3.2.5. What isn't clear to me in the above is where ad_block_sql_urls is best called. I presume in ad_page_variables but unless I'm completely blind or addled, it's not explicitly documented.