I am planning to submit a patch to picture-upload.tmpl that implements
the TMPL_ELSIF tag new to Template::Pro 0.69.
The installer has already been updated to check for 0.69 as a
prerequisite, but for those running a developer install
this will not catch that. So if templates begin misbehaving, che
Shifting this over to the devel lists, where it can be discussed more fully.
Chris
On 3/7/08, Chris Hammond-Thrasher <[EMAIL PROTECTED]> wrote:
>
> This could be a serious problem. Is this addressed in Koha 3? Are there any
> checks for dangerous user input in Koha 2 or 3?
>
> -cht
>
> Chris H
Chris Cormack wrote:
Short answer is yes, there are more checks on the user side (opac). The
staff interface has some checking, but as Joe pointed out, if you have
staff inserting html into your marc data, you have bigger problems.
What checks can you do? Characters like "<" and "&" are valid i