Hi all,

Shouldn't the string "somebogus\0" quoted with:

// Zend_Db_Adapter_Pdo_Mysql
$db->quote( "somebogus\0" );

return:

"'somebogus\\0'"?

instead of

"'somebogus\0'"?

The adapter doesn't escape the NUL char properly. I read somewhere that using 
the \0 char in MySQL is a vulnerability for SQL injection. Can't seem to find 
the article anymore though.

Cheers
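
Added example, not part of the original message and not Zend_Db or PDO code: a way to check what a quoting routine actually did with the NUL byte. It assumes the escape set documented for the MySQL C API function mysql_real_escape_string() under the default sql_mode; reference_quote() and unescaped_bytes() are hypothetical helper names. In a PHP double-quoted string, "\0" is a single NUL byte and "\\0" is a backslash followed by the digit 0.

```php
<?php
// Added illustration; helper names are hypothetical, not Zend_Db or PDO code.

// Bytes documented as escaped by mysql_real_escape_string(), with the form
// each takes inside a MySQL string literal.
const MYSQL_ESCAPES = [
    "\\"   => "\\\\",
    "\0"   => "\\0",
    "\n"   => "\\n",
    "\r"   => "\\r",
    "'"    => "\\'",
    "\""   => "\\\"",
    "\x1a" => "\\Z",
];

// Reference escaping for comparison only. Assumes backslash escapes are
// enabled (no NO_BACKSLASH_ESCAPES) and a charset such as utf8 or latin1.
function reference_quote(string $value): string
{
    return "'" . strtr($value, MYSQL_ESCAPES) . "'";
}

// List the special bytes that are still raw inside a quoted literal.
function unescaped_bytes(string $quoted): array
{
    $body  = substr($quoted, 1, -1);   // drop the surrounding quotes
    $len   = strlen($body);
    $found = [];
    for ($i = 0; $i < $len; $i++) {
        if ($body[$i] === "\\") {
            if ($i + 1 >= $len) {
                $found[] = "dangling backslash at offset $i";
            }
            $i++;                       // skip the escaped character
            continue;
        }
        if (array_key_exists($body[$i], MYSQL_ESCAPES)) {
            $found[] = sprintf('raw 0x%02x at offset %d', ord($body[$i]), $i);
        }
    }
    return $found;
}

$input = "somebogus\0";                 // constructed sample, ends in a NUL byte
var_dump(bin2hex(reference_quote($input)));         // hex view of the escaped literal
var_dump(unescaped_bytes(reference_quote($input))); // literal with NUL escaped
var_dump(unescaped_bytes("'" . $input . "'"));      // literal with NUL left raw
```

Passing the return value of $db->quote() to unescaped_bytes() shows whether the adapter left the NUL raw; a bound parameter in a prepared statement avoids the literal escaping question altogether.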



