Thread: nxTools v1.0.4
View Single Post
Old 05-06-2006, 09:10 PM  
neoxed
Too much time...
 
Join Date: May 2003
Posts: 1,326
Default nxTools v1.0.4

Changes:
  • NEW: Check if the request was already filled before adding it.
  • NEW: Extensions are now loaded using Tcl's package system.
  • FIX: Properly quote string values in SQL statements.
  • FIX: The "SITE PRE STATS" command was broken in v1.0.3.
  • FIX: The maximum request age should be logged in seconds.
  • FIX: The release check for "SITE REQUEST" did not allow some valid names.
Notes:
  • Update ASAP, this fixes a possible SQL injection exploit.
  • The procedure I used for escaping strings in SQL statements was left over from the MySQL days of nxTools. When I migrated to SQLite I never modified the procedure, so strings were not properly escaped.
Download:

http://www.inicom.net/pages/en.ioftpd-scripts.php?id=78
neoxed is offline   Reply With Quote