PHP-MBTiles-Server icon indicating copy to clipboard operation
PHP-MBTiles-Server copied to clipboard

Published 20 hours ago verified publisher icon bmcbride

Security updates

Open asd20752 opened this issue 4 years ago • 0 comments

I have added some simple security updates with this pull.

  • Preventing SQL injection with binding parameters instead of hard coding into SQL string.
  • Checking if the requested database is a sub file of the working directory to prevent traversing of system folders.
  • Checking if the database exists before opening with SQL lite to prevent new empty files to be spawned.
  • Removed DEMO from README.md since they were broken anyways.

asd20752 avatar Dec 31 '20 21:12 asd20752