This page is yet unfinished. It may contain remarks of what should be written here. If you’d like to help writing this page, please ask in the forum for details.

Security considerations

TODO:
* configuration file protection
* .htaccess protection
* lock.conf file (-> docs/install#lockfile)
* data validation and conversion in common.lib.php
* cookie 'encryption'
* user passwords storage in the database
* session validity checks (expiry, failed logins)
* UnbCheckRights function and calls to it
* t2h function (XSS security)
© 2003–2017 by Yves Goergen web1@unclassified.de
Content last updated on 2005-10-26 20:55 UTC
dotforward webhosting Get Firefox XHTML 1.1 CSS