19 Jun
2006
19 Jun
'06
7:58 p.m.
Hi everybody, I just received an email from Ber asking to check my modules for security issues related to file uploads. Maybe others of you received too that emails. He tell me to check my module for upload related issue and see at the 4.7.1->4.7.2 patch as guide. Well... it seems that the main addition is the upload_munge_filename ... but this is an upload module only functions. Should the munge_filename function became a file api? Moreover a handbook page explaining how to handle uploads in security is needed. Fabio Varesano