safety-screen/Nominatim
1
0
Fork 0
forked from hans/Nominatim
Code Pull Requests Activity
Files
f0f4ded04125b1acdf0bd00ff93af917cb113f63
Nominatim/website
History
Sarah Hoffmann ae85ceca1e properly escape class parameter 
The class parameter was used as is, allowing for potential
SQL injection via the API.

Thanks to @bladeswords for finding this.
2020-05-02 22:17:35 +02:00
..
css
update leaflet.js 1.0 => 1.3
2018-06-14 02:18:00 +02:00
images
status after hackweekend London
2016-01-15 17:11:12 +01:00
js
UI: update the switch-to-reverse link after each map click
2019-02-24 16:34:21 +01:00
deletable.php
Nominatim::DB support input variables, custom error messages
2019-03-10 16:56:36 +01:00
details.php
properly escape class parameter
2020-05-02 22:17:35 +02:00
hierarchy.php
PDO library returns proper boolean. We dont need string comparison
2019-04-02 16:52:37 +02:00
lookup.php
replace database abstraction DB with PDO
2019-03-09 00:18:15 +01:00
polygons.php
Nominatim::DB support input variables, custom error messages
2019-03-10 16:56:36 +01:00
reverse.php
Nominatim::DB support input variables, custom error messages
2019-03-10 16:56:36 +01:00
search.php
Nominatim::DB support input variables, custom error messages
2019-03-10 16:56:36 +01:00
status.php
replace database abstraction DB with PDO
2019-03-09 00:18:15 +01:00