On Tue, 2003-02-18 at 20:24, moshe doron wrote: > there is security case here e.g, allowing the cracker chain "DELETE FROM X" to > "SELECT * FROM X WHERE ID=$id" where the $id is got via the url without > checking (most of the cases). You're right - thanks for mentioning this.
- Timm -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
