Symphony.

I’m not an expert but according to my XAMPP installation, I think this ensemble may be susceptible to sql injection.

@kalvind - How so? Would you mind posting your findings on the Frontend Members Reference issue tracker?

Thanks so much!

Sorry man. On my installaton, when I try url/’ a fatal database error page occurs. The session id and username and password are then visible.

No apologies necessary. It just helps to get that error listed on the issue tracker so all the issues for the extension can be collected in one place. Thanks for posting the issue there.

@kalvind - What version of Symphony are you running? Try updating to either the lastest 2.0.7 or I’ve found the latest 2.0.8 RC1 to be really stable.

You guessed correctly, I’m on 2.06 on XAMPP - okay I will try 2.08 on Fedora this week, thanks.

I’ve got mixed up, the above error occurred on the ensemble.

I gotcha. Try to still update your installation on the ensemble. The ensemble’s symphony install is not super stable. If you move to 2.0.8 RC1 or guess it would be 2.0.8RC2, I’m sure those problems are fixed, if not, please post them on issues tracker so the Symphony team knows.

Problem exists with a clean 2.0.8RC2 installation and the ensemble on XAMPP. My 2.06 installations are fine. Posted an issue as requested.