diff --git a/DEV/sec-notices b/DEV/sec-notices new file mode 100644 index 00000000..5032c8a0 --- /dev/null +++ b/DEV/sec-notices @@ -0,0 +1,3 @@ +rem hole(sql-injection) in makeuser.php (no secure.php but sql-query) +todo: replace secure.php + diff --git a/TODO_FIX_INCLUDES b/TODO_FIX_INCLUDES index e5605c8f..f50844e7 100644 --- a/TODO_FIX_INCLUDES +++ b/TODO_FIX_INCLUDES @@ -1,67 +1,5 @@ -ich@DenkBrett www-ssl % find . -type l -./admin/inc -./admin/pic -./inc/inc -./nonpublic/inc -./nonpublic/pic - find . -name \*.php -exec grep -l './inc' {} \; -ich@DenkBrett www-ssl % find . -name \*.php -exec grep -l './inc' {} \; -#./admin/EngelType.php -#./admin/schichtplan.php -#./admin/user2.php -#./admin/dbUpdateFromXLS.php -#./admin/index.php -#./admin/faq.php -#./admin/Recentchanges.php -#./admin/dect_call.php -#./admin/UserPicture.php -#./admin/room.php -#./admin/news.php -#./admin/tshirt.php -#./admin/aktiv.php -#./admin/user.php -#./admin/dect.php -#./admin/free.php -#./admin/userDefaultSetting.php -#./admin/sprache.php -#./admin/debug.php -#./admin/shiftadd.php -#./admin/schichtplan_druck.php -#./inc/funktion_schichtplan_aray.php -#./inc/footer.php -#./inc/menu.php -#./inc/funktion_modem.php -#./inc/funktion_flag.php # Special fix needed. ich geh ins bett -#./inc/error_handler.php -#./inc/header.php # Special fix needed -#./inc/funktion_user.php # Special fix needed -#./inc/crypt.php -#./inc/ShowUserPicture.php -#./inc/login_eingabefeld.php -#./inc/funktion_SendMessenges.php -#./nonpublic/waeckliste.php -#./nonpublic/schichtplan.1.php -#./nonpublic/schichtplan.php -#./nonpublic/schichtplan.2.php -#./nonpublic/myschichtplan.php -#./nonpublic/messages.php -#./nonpublic/index.php -#./nonpublic/faq.php -#./nonpublic/schichtplan_add.php -#./nonpublic/schichtplan_beamer.php # Special fix needed, css -#./nonpublic/news.php -#./nonpublic/einstellungen.php # Special fix needed -#./nonpublic/wecken.php -#./nonpublic/engelbesprechung.php -#./nonpublic/news_comments.php -#./logout.php -#./makeuser.php -#./lageplan.php -#./faq.php -#./index.php - todo: change installscript to place inc outside of http-root. exactly ONE dir ahead. diff --git a/www-ssl/nonpublic/pic b/www-ssl/nonpublic/pic deleted file mode 120000 index a21de85f..00000000 --- a/www-ssl/nonpublic/pic +++ /dev/null @@ -1 +0,0 @@ -../pic \ No newline at end of file