diff options
author | Michal Čihař <michal@cihar.com> | 2016-06-17 18:09:21 +0300 |
---|---|---|
committer | Michal Čihař <michal@cihar.com> | 2016-06-17 18:09:21 +0300 |
commit | 045046a1dc69b01da15d43aa7dff995269103113 (patch) | |
tree | 7de60c1083dc12cd697128ffbb7ccca24074176e /export.php | |
parent | bdfaaa4f40e1abfc0b626dec273f5a76fc95b27f (diff) |
Document task to do
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'export.php')
-rw-r--r-- | export.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/export.php b/export.php index d45a002149..7462543a84 100644 --- a/export.php +++ b/export.php @@ -41,6 +41,8 @@ if (isset($_GET['check_time_out'])) { * - Please keep the parameters in order of their appearance in the form * - Some of these parameters are not used, as the code below directly * verifies from the superglobal $_POST or $_REQUEST + * TODO: this should be removed to avoid passing user input to GLOBALS + * without checking */ $post_params = array( 'db', |