You are here


Security features:

1. Full support of registered_globals = off

2. Concurrent edit/delete safe

3. Special transaction filtering mechanism to minimize SQL injection

4. _GET and _POST vars are strip_tag'ed before being used (to avoid cross-site scripting)

5. Scripts are md5 checksum verified before execution

6. Full transaction post-insert, post-edit, pre-delete image logging

7. Special module to provide fine-grain access control

8. Access to employee's own staff record based on employee identity (Staff Self Service module)

9. Access to customer's own record based on customer identity (Customer Self Service module)

For mainline ERP features, please refer to Sangeetha Naik's excellent article on Open Source ERP for SMEs.