Menu
▾
▴
Re: [SM-USERS] [Fwd: PHP remote vulnerabilities]
|
From: Venge -- L. <ve...@lo...> - 2002-02-28 18:39:44
|
In response to my other email, I have found: src/read_body.php: - removing the amp; and just leaving & in the lines that contain "sendreceipt" seems to fix the problem with Netscape and does not break IE. My only question is, are there any problems with changing & to just & ? Everything seems to work fine for now once I have made the change to that file. > On Thu, Feb 28, 2002 at 06:06:09PM +0100, Frank Louwers wrote: >> On Thu, Feb 28, 2002 at 08:50:17AM -0500, Kurt Yoder wrote: >> > Hello list. >> > >> > I just got this information today. I believe this is relevant, since >> > Squirrelmail uses PHP. Time for some patching fun! >> >> And time for an update on the PHP 4.1.x status: what works, what >> doesn't, and (important): why were there problems? What major thing >> changed between 4.0.6 and 4.1.0 that broke squirrel? > > Everything now *should* be working in SM 1.2.5 under PHP 4.1.x, if it > doesn't, just let us know and it'll get fixed. The problem was that how > session functions worked changed from what did work in 4.0.x to a way > which technically matched the docs better, but broke the way it was > done in SM. (I'm sure someone else can explain it better :) > > -- > Simon Dick si...@ir... > "Why do I get this urge to go bowling everytime I see Tux?" > > -- > squirrelmail-users mailing list > List Address: squ...@li... > List Info: > https://lists.sourceforge.net/lists/listinfo/squirrelmail-users > http://squirrelmail.org/cvs |