Viewing Profile

[Tomm M]

I'm guessing it's not intended, due to the fact it does work on here (yes, I did check before)...

It's strange, because looking at the changed files, it doesn't look as though anything has changed much... then again, I buggered up my viewing online list long ago and haven't got round to fixing it lately...

Edit: I gots it...

I reckon it's because of their security review. Previously in inc/functions.php they were using generic stuff - like $_SERVER['PHP_SELF'] - which can be insecure. They've changed this to things like htmlspecialchars_uni($_SERVER['PHP_SELF']), found in the function get_current_location. I'm guessing they've missed something...