LimeSurvey: master dbe44d11

Author Committer Branch Timestamp Parent
DenisChenu DenisChenu master 2014-02-05 11:05:00 master d11adfbc
Affected Issues  08661: Major security issues, allowing for full access of database and potentially full server access

Fixed issue #08661: Major security issues, allow acces to restricted files
Dev: Sanitize and test all file name and throw error 400
Dev: filename must already start with fu or futmp else it's not un uploaded file
Dev: TODO : allow delete only with good srid

mod - application/controllers/UploaderController.php Diff File