Hamish Friedlander d8a1df4312 Further secure eval call in ConfigStaticManifest ... It shouldnt be possible to get ConfigStaticManifest to parse a user uploaded file, and if you could it shouldnt be possible to form PHP that token_get_all could parse which would end up executing any code. However just in case it is, this changes the eval to assign to a static, so the eval will give a syntax error if an attacker manages to make $value look like `ls` or some other expression		2013-03-13 12:42:48 +13:00
..
ClassLoader.php	ENHANCEMENT Added $exclusive flag to SS_ClassLoader->pushManifest() to allow for multiple manifests co-existing (useful for tests which rely on core classes but also want to test their own manifests)	2012-04-15 17:17:15 +02:00
ClassManifest.php	MINOR: Remove checks for PHP < 5.3.2, as it's no longer supported	2012-04-18 10:38:09 +12:00
ConfigManifest.php	FIX Remove instances of lines longer than 120c	2012-09-30 17:18:13 +13:00
ConfigStaticManifest.php	Further secure eval call in ConfigStaticManifest	2013-03-13 12:42:48 +13:00
ManifestFileFinder.php	MINOR Update @package values to match renaming sapphire	2012-04-15 10:50:19 +12:00
TemplateLoader.php	API Explicitly load project template files after modules	2012-12-04 10:47:37 +01:00
TemplateManifest.php	API Explicitly load project template files after modules	2012-12-04 10:47:37 +01:00
TokenisedRegularExpression.php	FIX Remove instances of lines longer than 120c	2012-09-30 17:18:13 +13:00