0000278: replace $_REQUEST with proper $_POST or $_GET

ID	Project	Category	View Status	Date Submitted	Last Update

0000278	WackoWiki	security	public	2009-03-04 18:35	2009-10-13 16:03

Reporter	administrator	Assigned To	Tann San
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	resolved	Resolution	fixed
Product Version	4.2
Target Version	5.0.beta	Fixed in Version	5.0.beta

Summary	0000278: replace $_REQUEST with proper $_POST or $_GET
Description	$_REQUEST can be an inherent security risk in many cases, while it's normally trivial to decide between $_GET and $_POST.
Tags	No tags attached.

Date Modified	Username	Field	Change
2009-03-04 18:35	administrator	New Issue
2009-03-04 18:36	administrator	Status	new => confirmed
2009-03-05 20:27	ebal	Note Added: 0000594
2009-04-09 20:03	Tann San	Status	confirmed => assigned
2009-04-09 20:03	Tann San	Assigned To	=> Tann San
2009-04-09 23:02	Tann San	Status	assigned => resolved
2009-04-09 23:02	Tann San	Fixed in Version	=> 5.4.0
2009-04-09 23:02	Tann San	Resolution	open => fixed
2009-04-11 01:45	Tann San	Fixed in Version	5.4.0 => 5.0.0
2009-10-13 15:58	administrator	Target Version	5.0.0 => 5.0.beta
2009-10-13 16:03	administrator	Fixed in Version	5.0.0 => 5.0.beta
2010-03-08 10:22	administrator	Category	Security => security

ebal 2009-03-05 20:27 developer ~0000594	affected pages actions/redirect.php actions/login.php actions/registration.php actions/usersettings.php actions/search.php actions/changepassword.php classes/wacko.php handlers/page/edit.php handlers/page/show.php index.php themes/tabs/appearance/footer.php