Called by SaveUserData, GetNewUserId?, LoadUserData
example for userid 1211: user/1/1211.db
sub UserDataFilename { my ($id) = @_;
return "" if ($id < 1); return $UserDir . "/" . ($id % 10) . "/$id.db"; }
This routine throws a fatal error when taint checking is enabled. $id is read from the user, then used as part of a filename on the host system -- dangerous! For a fix, see WikiPatches/TaintMode.