My Codeigniter Observations
#17

Jopr
@beren

While working with your MY_Exception class (which is great btw!) I found a security problem.

When a route is not found, a 404 will be returned using the exception class. The problem with this is that the config files are not loaded yet. PHP assumes that the constant is 'true' and a backtrace is printed below the 404. The solution is simple. Add the defined() statement to the condition like below:

Code:
// defined() takes the constant's name as a string, so the name is quoted
if (defined('DEBUG_BACKTRACE') && DEBUG_BACKTRACE)
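
An added example, not part of the original post or of the MY_Exception class: a fail-closed version of the check described above, where an error raised before the config files are loaded renders without a backtrace. Only `DEBUG_BACKTRACE` comes from the thread; `backtrace_enabled()`, `render_error()`, the strict `=== true` comparison and the sample trace are assumptions made for illustration.

```php
<?php
// Added example. Only the DEBUG_BACKTRACE constant name comes from the thread;
// every function name and the sample trace below are hypothetical.

/**
 * Fail closed: a backtrace is allowed only when the constant exists and is
 * strictly boolean true. If the config has not been loaded yet, the constant
 * is undefined and this returns false instead of relying on how PHP treats a
 * bare undefined constant (a truthy string before PHP 8, an Error since).
 */
function backtrace_enabled(): bool
{
    return defined('DEBUG_BACKTRACE') && constant('DEBUG_BACKTRACE') === true;
}

/** Build the error page; trace frames are appended only when enabled. */
function render_error(string $heading, string $message, array $trace): string
{
    $esc = static fn(string $s): string => htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
    $out = '<h1>' . $esc($heading) . '</h1><p>' . $esc($message) . '</p>';

    if (backtrace_enabled()) {
        foreach ($trace as $frame) {
            $where = ($frame['file'] ?? '[internal]') . ':' . ($frame['line'] ?? '?');
            $out .= '<pre>' . $esc($where . ' ' . ($frame['function'] ?? '')) . '</pre>';
        }
    }
    return $out;
}

// Constructed sample trace (not real application paths).
$trace = [
    ['file' => '/srv/app/system/Router.php', 'line' => 120, 'function' => 'validate_request'],
    ['file' => '/srv/app/index.php', 'line' => 15, 'function' => 'require_once'],
];

// Case 1: 404 raised during routing, before the config defines the constant.
$early = render_error('404 Page Not Found', 'The requested page was not found.', $trace);
echo 'early 404 contains trace: ', var_export(strpos($early, '<pre>') !== false, true), PHP_EOL;

// Case 2: the config has been loaded and debugging was switched on deliberately.
define('DEBUG_BACKTRACE', true);
$late = render_error('404 Page Not Found', 'The requested page was not found.', $trace);
echo 'debug 404 contains trace: ', var_export(strpos($late, '<pre>') !== false, true), PHP_EOL;
```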

