RSS

LuxCal Forum

The place for questions, suggestions and news about the LuxCal Event Calendar

User:   Password:   Remember Me?   
LuxCal Forum / LuxCal / Known Issues and Fixes / Cross Site Request Forgery / SQL Injection
Posted:  14 Mar 2016 07:40
Hello Sir,

Is LuxCal 4.4.0 is Cross Site Request Forgery / SQL Injection proof.
Posted:  14 Mar 2016 11:22
Hi there,

Yes, we believe so. Several measures have been taken to reject both.
To protect against SQL injection attacks the recommended PHP programming techniques have been applied
A special mechanism has been used to protect against CSRF. If spoofed form submission is detected, the calendar will log it, so that the administrator can see if the calendar has been under attack.
Roel