OpenDocMan v1.3.0 includes security fixes, bug fixes, and code cleanup. PHP extension pdo-mysql is now used for all database queries. All users are highly encouraged to upgrade. This update includes database modifications.

  • Fix potential XSS exploit
  • Fix potential SQL injection exploits
  • Fix issue #186 – Don’t create file records until file upload is verified
  • Fix issue #128 – Move from mysql_query() to PDO for SQL queries
  • Removed the “secure url” admin setting since it was mis-leading and ineffective
  • General code cleanup and refactoring. Removed un-used code. Removed un-used files.

Download available

Tags: , , , , , ,