thank you for the response Massimo,
I do agree with your thoughts regarding the vulnerability exposed upon a
new registration ! that can easily be arranged by adding an additional
table to manage all users profile pics ! ... that way, a user can only
upload his avatar ( or picture ) only when the
I will look into this shortly anyway... having a picture in the auth_user
table is a vulnerability. This is because the upload entry may appear upon
registration allowing un-registered users to uploading large files.
On Saturday, 1 December 2012 08:59:21 UTC-6, Don_X wrote:
>
> Hello web2py user
2 matches
Mail list logo
