24th June 2012, 21:45
|
Senior Member
|
|
Join Date: Jun 2012
Posts: 33
|
|
Quote:
Originally Posted by djhowarth
http://opentracker.nu/demo/user/logout/
As the avatar url prevents me from logging in so you should pay attention to what i was saying, a xbtit developer originally showed me this and its probably a common hack in php where developers assume no url santization is required i suggest you check getimagesize out this will validate a url against a image...
|
its already been fixed.
|