On Jul 3, 11:48 am, AD7six <[EMAIL PROTECTED]> wrote: > On Jul 3, 2:54 am, AndyC <[EMAIL PROTECTED]> wrote: > > > OK done. > > When you tested that, how did you do so and what did you see? > > I see: > ORDER BY `fi\'eld` asc. > > obviously that won't work but neither will it allow you to do much > (and it's not permitting injection either)
FWIW, Sanitize::clean() is broken (the trim logic is totally breaking) leaving possibility for SQL errors. Sanitization is also not promoted in the community nor in source, IM*H*O. -- <?php echo 'Just another PHP saint'; ?> Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
