User: lazyboy Branch: DRUPAL-6--7 Date: Tue, 01 Apr 2008 18:22:01 +0000 Modified files: /modules/quota_by_role quota_by_role.module Log message: Bug Fixes: Bugness - Provided a patch that fixed the deleting of quotas in a non-clean url setting - Pointed out to me that the { } were missing on some table names in 2 SQL queries. Security Fix: Bugness - A user could have exploited the ?delete=78 and append some SQL injection attack. This is a very minor security issue, as the user had to have had admin access to the QBR module. Patch provided and applied. Thank you :) Links: http://cvs.drupal.org/diff.php?path=contributions/modules/quota_by_role/quot...