Jump to content

Version 1.0.2 Released


Recommended Posts

The new release offers increased security features. By default now, normal player cannot send HTML within any of the GET / POST variables. If this happen, an error will be displayed. You may of course disable this feature from within the admin panel.

The result of such function is that even if a module forget to use htmlentities or other filter function, the game should not be vulnerable to XSS attacks. That doesn't mean you should not anymore filter the inputs of the users, yet it adds another layer of protection.

The feature is disabled for admins as they should be able to edit tables and messages from the admin panel.

File changed in this version:







and added a new module:


There is as well a new version of the dev version, which have a nicer PrettyMessage function however the feature of the HTML filter is not part of the DEV version.En


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...