NYCPHP Meetup

[nycphp-talk] Is there something wrong with this SQL query in PHP?

John Campbell jcampbell1 at gmail.com
Tue Aug 14 20:31:12 EDT 2007


> They had the exact same problems w/XSS, no input validation.

Input validation?  Don't you mean output escaping?  You must not allow
uber leet usernames like |<33|>.  :)

-john cambpell



More information about the talk mailing list