d> Nope, you could do it with any sql based database unless your forms have d> protection built in. Thankfully our WEB guys did that by accident. Namely when d> they accept a data value they have certain rules that they apply to all fields, d> like max length, no unlimited length fields, comment data manipulated via d> procedures. It's rather easy, but you have to design it that way.
That's what I suspected. I probed the few trival forms that I'd done with CGI/Oracle and found that mine were accidentally safe -- I figure pretty much like a pocket protector keeps you from getting STD's. Limited fields and some javascript pre-processing. But now I've got some concerns about what our developers have done in our big app..... -rje -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Robert Eskridge INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
