Remove password from $_SESSION. Second reduction of usage of password

The password was set into the session object and also retrieved from it in various scripts. These scripts did not use the password but echoed it sometimes  in an URL for a next action (which did not use the password too).  This is a security leak.
Major modification of the scripts in this commit remove code to set/retrieve the password from the session object.
Minor modifications are listed in the modification comments of the scripts.
The deleted scripts were not used.

https://github.com/ABCD-DEVCOM/ABCD2/commit/05d0e5ba5d23025318a6b55c3088f59e150275eb

Leave a Reply

Your email address will not be published. Required fields are marked *