HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Search
-
Re: SFM Plugin: Enhancements and feedback
I have been trying this out. One thing that struck me is that you're going to the effort of hashing the user upload directory, but in such a way as to make the hashes totally predictable. I amended my code to introduce a salt variable to make the upload directory names difficult to predict. default.php // Pinched from… -
Re: SFM Plugin: Enhancements and feedback
shoot... I was working on the previous version. Basically, there should be no data manipulation in your view that doesn't directly relate to how it is output. For example, the list of files should be generated in your controller. You set the data to your controller, then you use that in the view. The upload form and…
2 results