Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

Non safe code

I think there is a bug in /includes/theme_functions_include .php
around line 221:

CodeDownload  
 
 if ($display == "" && $settings['sitebanner2']) {
 eval("?><div style='float: right;'>".stripslashes($settings['sitebanner2'])."</div>\n<?php ");




Should not be the eval function only be executed if:

CodeDownload  
if (fusion_get_settings('allow_php_exe')

https://github.com/php-fusion/PHP-Fusion/commit/a89e89207348ce6a7e41964075f41a3a546c4584
Thank you
Thread Information
Author
Replies
3 posts
Views
145 times
Last Post
Last updated on 2 months ago
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: douwe_yntema, RobiNN