Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Anand Balachandran Pillai
Hi, On Sat, Oct 10, 2009 at 10:46 AM, Noufal Ibrahim nou...@gmail.com wrote: 0 day Django exploit in the wild - http://news.ycombinator.com/item?id=872533 http://www.djangoproject.com/weblog/2009/oct/09/security/ Fixed rather quickly but found rather late. One of the reasons is probably

Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Noufal Ibrahim
On Sat, Oct 10, 2009 at 12:31 PM, Anand Balachandran Pillai abpil...@gmail.com wrote: [..] For example, this is a very common way of doing a select using PHP. $query = "SELECT * FROM products WHERE name='$productname'"; mysql_query($query); Only that this kind of SQL is very

Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Vivek Khurana
On Sat, Oct 10, 2009 at 7:59 PM, Carl Karsten c...@personnelware.com wrote: I have done 2 php pages and a bunch of python. My guess is PHP makes it easier to write vulnerable code, but I am really going out on a limb here, so I'll not try to support this notion. +1 PHP indeed makes it easier

Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Noufal Ibrahim
On Sat, Oct 10, 2009 at 7:59 PM, Carl Karsten c...@personnelware.com wrote: [..] I need to inject... The line should be: cursor.execute(query, ('burger', '2009-09-10 12:00:00')) Ah. Then it's just a case of the API doing the quoting internally which points to a better API than a better

[BangPypers] sql query parameters

2009-10-10 Thread Carl Karsten
On Sat, Oct 10, 2009 at 10:05 AM, Noufal Ibrahim nou...@gmail.com wrote: On Sat, Oct 10, 2009 at 7:59 PM, Carl Karsten c...@personnelware.com wrote: [..] I need to inject... The line should be: cursor.execute(query, ('burger', '2009-09-10 12:00:00')) Ah. Then it's just a case of the API

Re: [BangPypers] [Inpycon] Weekend meeting

2009-10-10 Thread Anand Balachandran Pillai
On Fri, Oct 9, 2009 at 11:23 PM, abstract things abstractthi...@gmail.com wrote: Hello All, My name is Sundar and I am Senior Python programming language user (I mean 3+ years). I like Python programming. Well, I haven't registered for PyCon early enough but I attended Mayavi,

Re: [BangPypers] [Inpycon] Weekend meeting

2009-10-10 Thread Noufal Ibrahim
On Sat, Oct 10, 2009 at 10:20 PM, Anand Balachandran Pillai abpil...@gmail.com wrote: [..] I am sorry, but I decided not to present this talk tomorrow. I had thought of presenting OpenCalais as an example of top down semantic web but with some prejudices already about the topic, I think I will

Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Kenneth Gonsalves
On Saturday 10 Oct 2009 8:09:17 pm Vivek Khurana wrote: On Sat, Oct 10, 2009 at 7:59 PM, Carl Karsten c...@personnelware.com wrote: I have done 2 php pages and a bunch of python. My guess is PHP makes it easier to write vulnerable code, but I am really going out on a limb here, so I'll not

Re: [BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009

2009-10-10 Thread Anand Balachandran Pillai
On Sat, Oct 10, 2009 at 8:35 PM, Noufal Ibrahim nou...@gmail.com wrote: On Sat, Oct 10, 2009 at 7:59 PM, Carl Karsten c...@personnelware.com wrote: [..] I need to inject... The line should be: cursor.execute(query, ('burger', '2009-09-10 12:00:00')) Ah. Then it's just a case of the