+Ver 1.70.2:
+* Fix redirects in dialup-admin pages on servers with register_globals
+ turned off.
+* HTTP form fields will always fail is_int, use in_numeric instead.
+
+Ver 1.70.1:
+* Report correct data transfer statistics for users
+* Lower-case sql column names to match creation scripts
+* Fix creation of empty groups
+* Put quote around usernames in HTML output
+* Properly notice when we've got a blank password to SQL
+
Ver 1.70:
* Add the /bin postgresql compatibility patch from Guy Fraser
* Add ldap_userdn as a configuration directive. If set we use that for
protect ourselves from sql injection.
* Use the ldap_userdn directive where applicable in the functions.php3 file
* Add an sql_xlat function
-
-TODO: Check out the sql queries in lin/sql for sql injection.
+* Add a nas administration page for sql based clients
+* Fix small bugs in accounting.php3 and user_stats.php3. Add nas_admin.php3 to the buttons page
+* Add da_sql_escape_string for all relevant variables in lib/sql files
+* Keep the nas list in a separate array $nas_list. Update various pages to use that one now.
+* Make nas_list actually work
+* Also allow for '-' to exist in a nas name in bin/log_badlogins
Ver 1.68:
* Huge PostgreSQL compatibility patch by Guy Fraser <guy@incentre.net>
projects / freeradius.git / blobdiff