Warning: This software is outdated. Further information on the home page.

This page is yet unfinished. It may contain remarks of what should be written here. If you’d like to help writing this page, please ask in the forum for details. This is a final state. See further details on the home page.

Security considerations

TODO:
* configuration file protection
* .htaccess protection
* lock.conf file (-> docs/install#lockfile)
* data validation and conversion in common.lib.php
* cookie 'encryption'
* user passwords storage in the database
* session validity checks (expiry, failed logins)
* UnbCheckRights function and calls to it
* t2h function (XSS security)
© 2003–2024 by Yves Goergen web1@unclassified.de
Content last updated on 2005-10-26 20:55 UTC
dotforward webhosting Get Firefox XHTML 1.1 CSS