[nycphp-talk] php in securityfocus 218
Tim Gales
tgales at tgaconnect.com
Tue Oct 14 09:42:19 EDT 2003
I am surprised that you are uncertain about this.
It is clearly documented in the discussion at Security
Focus:
"an SQL Injection vulnerability can present itself due to a
lack of sufficient sanitization performed on user-supplied
data."
You have to 'lustrate' the data, preferably with a
self-flagellation routine. (Maybe addlashess instead of
addslashes)
Tim G.
-----Original Message-----
From: talk-bounces at lists.nyphp.org
[mailto:talk-bounces at lists.nyphp.org] On Behalf Of Chris
Snyder
Sent: Tuesday, October 14, 2003 8:47 AM
To: NYPHP Talk
Subject: Re: [nycphp-talk] php in securityfocus 218
...
Is this safe, or is my site at the mercy of a clever SQL
injector?
csnyder