Hi, I have a project developed using CakePHP 1.3, and for testing I used the SQL Inject Me add-on (Firefox): https://addons.mozilla.org/en-US/firefox/addon/7597/

From the CakePHP manual, what I understood is that the save() and find() methods will automatically protect the data from SQL injection. But while running the "SQL Inject Me" test, I am always getting failures as the result. For example:

Results:

Server Status Code: 302 Found
Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); --

Server Status Code: 302 Found
Tested value: '; DESC users; --

Server Status Code: 302 Found
Tested value: 1'1

I have tried the CakePHP Sanitize methods, but I am still getting the errors in "SQL Inject Me".

Any help?
