safety-screen/Nominatim
1
0
Fork 0
forked from hans/Nominatim
Code Pull Requests Activity
Files
0a14142156a5c62d574e9f3172716ba19ea9d122
Nominatim/website
History
Sarah Hoffmann f94828c3f4 properly escape class parameter 
The class parameter was used as is, allowing for potential
SQL injection via the API.

Thanks to @bladeswords for finding this.
2020-05-02 21:54:14 +02:00
..
css
website dependencies: jQuery v2.1 => 3.5, leaflet 1.3 => 1.6
2020-04-11 18:18:57 +02:00
images
status after hackweekend London
2016-01-15 17:11:12 +01:00
js
website dependencies: jQuery v2.1 => 3.5, leaflet 1.3 => 1.6
2020-04-11 18:18:57 +02:00
deletable.php
Add JSON output for /deletable.php and /polygons.php
2020-04-10 15:34:56 +02:00
details.php
properly escape class parameter
2020-05-02 21:54:14 +02:00
hierarchy.php
/hierarchy.php was missing namespace calling AddressDetails
2019-07-28 22:05:51 +02:00
lookup.php
fix logging of lookup calls
2020-04-13 11:55:24 +02:00
polygons.php
Add JSON output for /deletable.php and /polygons.php
2020-04-10 15:34:56 +02:00
reverse.php
Nominatim::DB support input variables, custom error messages
2019-03-10 16:56:36 +01:00
search.php
Fixed PHP warning from #1523
2019-10-15 08:46:19 +02:00
status.php
replace database abstraction DB with PDO
2019-03-09 00:18:15 +01:00