Taras,

On Sun, May 10, 2009 at 5:10 PM, Taras P. Ivashchenko <naplan...@gmail.com> wrote:
>
> Hi, list!
>
> Some code joke was found =)
>
> $ cat core/data/db/persist.py | grep -A3 -B3 "SQL injection"
> # Get the row(s)
> c = self._db.cursor()
> select_stm = "select * from data_table"
> # This is a SQL injection! =)
> select_stm += " where " + search_string
>
> # Add the result limit, remember that a result_limit of -1 is "no limit"

And there are a lot more, you just have to search for them ;) Example:

core/ui/gtkUi/clusterTable.py:
# FIXME: I'm sure there is another way to do this... but... what a hell... nobody reads the code ;)

> --
> Taras P. Ivashchenko <naplan...@gmail.com>
>
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop

--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
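
The pattern in the quoted persist.py lines, as an added example that is not part of the original thread or w3af's own code: the concatenated where clause beside a form that binds values as parameters. The sqlite3 backend, the columns id/url/code, the sample rows and the function names are assumptions made for this example; only data_table, search_string and the -1 result limit come from the thread.

```python
import sqlite3

# Constructed schema: only the table name data_table comes from the thread.
ALLOWED_COLUMNS = {"id", "url", "code"}
ALLOWED_OPS = {"=", "!=", "<", ">", "<=", ">=", "like"}


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("create table data_table (id integer, url text, code integer)")
    db.executemany(
        "insert into data_table values (?, ?, ?)",
        [(1, "http://example.test/a", 200),
         (2, "http://example.test/b", 404),
         (3, "http://example.test/c", 200)],
    )
    return db


def search_concat(db, search_string, result_limit=-1):
    """The quoted pattern: caller text becomes part of the SQL statement."""
    select_stm = "select * from data_table"
    select_stm += " where " + search_string
    if result_limit > -1:
        select_stm += " limit " + str(int(result_limit))
    return db.execute(select_stm).fetchall()


def search_bound(db, conditions, result_limit=-1):
    """Hardened form: conditions are (column, operator, value) tuples.

    Column and operator must be on an allowlist; values are bound as
    parameters, so they are never parsed as SQL.
    """
    clauses, params = [], []
    for column, op, value in conditions:
        if column not in ALLOWED_COLUMNS or op.lower() not in ALLOWED_OPS:
            raise ValueError("rejected condition: %r %r" % (column, op))
        clauses.append("%s %s ?" % (column, op))
        params.append(value)
    select_stm = "select * from data_table"
    if clauses:
        select_stm += " where " + " and ".join(clauses)
    if result_limit > -1:  # -1 means "no limit", as in the quoted comment
        select_stm += " limit ?"
        params.append(int(result_limit))
    return db.execute(select_stm, params).fetchall()
```

With the concatenated form the caller's text decides the shape of the query; with the bound form the same text is only ever compared as a value.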