I am not sure if anyone else has picked it up but all there variables allow a hacker into site so I would strongly suggest to change all single variables to longer variables and make them clear also your functions need to be more secure and clear.
$htmlout .= ""; not valid!
$INSTALLER09_HTMLOUT = ""; valid!
dbcon() not safe or wise!
core_connection () would be wiser and more secure!
Make it go through a few security loops before connection made to database.
Use php5.5!! hide php!! chmod 0655 of all folders and files inside /var/www or whatever directory you use to host your sites plus the /www/ folder needs to be chmod 0655.
|