pcboard security documentation about user security - safe about error messages - path disclosures about get - disabled about post - checked about cookies - about id (interesting) - other value compared about http - about html - stripped about javascript - stripped about css - about php - (harder) about sql - medium/pre about sessions - medium (buggy/unsure) about files - medium (if path known visible) about using others values - only cookie id makes it unsafe