Re: [Omail-admin-devel] quotas are easy to spoof
Brought to you by:
swix
From: Michael B. <mi...@in...> - 2001-03-16 23:02:35
|
On Fri, Mar 16, 2001 at 07:47:50PM +0100, Martin Hetzner - Hetzner Online AG wrote: > Hi There ! > > we found currently a bug in omail admin. > The bug was first seen on our servers running > omail 0.95 but I testet it recently on the 0.97 > demo page and it also occured. > > If you log in to the demo page with > user: test.com and test > everything works fine. > > but just try > user: teSt.com and test. > > And you will be surbrised about your quotas ... strtolower($form_login) should fix this !? gruesse, michi |