/ 
Jifty-0.51228
/ Jifty::Handle
Security Advisories (4)
CPANSA-Jifty-2011-01 (2011-03-17)

The path as passed in the fragment request data structure was used verbatim in the dispatcher and other locations. This possibly allowed requests to walk around ACLs by requesting '/some/safe/place/../../../dangerous' as a fragment.

CPANSA-Jifty-2009-01 (2009-04-09)

The REST plugin would let you call any method on the model.

CPANSA-Jifty-2008-01 (2009-04-08)

Allowed all actions on GET.

CPANSA-Jifty-2006-01 (2006-07-06)

Jifty did not protect users against a class of remote data access vulnerability. If an attacker knew the structure of your local filesystem and you were using the "standalone" webserver in production, the attacker could gain read only access to local files.

NAME

Jifty::Handle -- A database handle class for Jifty

DESCRIPTION

A wrapper around Jifty::DBI::Handle which is aware of versions in the database

METHODS

new PARAMHASH

This class method instantiates a new Jifty::Handle object. This object deals with database handles for the system. After it is created, it will be a subclass of Jifty::DBI::Handle.

connect ARGS

Like Jifty::DBI's connect method but pulls the name of the database from the current Jifty::Config.

check_schema_version

Make sure that we have a recent enough database schema. If we don't, then error out.

AUTHOR

Various folks at BestPractical Solutions, LLC.