On 7/3/07, AD7six <[EMAIL PROTECTED]> wrote: > > > > > On Jul 3, 2:54 am, AndyC <[EMAIL PROTECTED]> wrote: > > OK done. > > When you tested that, how did you do so and what did you see? > > I see: > ORDER BY `fi\'eld` asc. > > obviously that won't work but neither will it allow you to do much > (and it's not permitting injection either)
+1 Was about to post something very similar. How was the injection achieved? Just being able to force an SQL error is not true injection T -- ============================================================= Cheesecake-Photoblog: http://cheesecake-photoblog.org PHP for E-Biz: http://sanisoft.com ============================================================= --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
