On Mon, Dec 20, 2010 at 11:31 PM, Rico Secada coolz...@it.dk wrote:
Hi.
In an article about SQL Injection by Chris Shiflett he mentions the
following in a comment: The process of escaping should preserve data,
so it should never be necessary to reverse it. When I'm auditing an
application,
On Tue, 21 Dec 2010 10:32:21 -0500
Adam Richardson simples...@gmail.com wrote:
1. Turn off magic_quotes_gpc if on, as its use has been deprecated.
2. Use prepared statements.
3. Don't worry about stripping slashes ever again :)
Thank you for a very enlightening answer. I guess I misunderstood
Hi.
In an article about SQL Injection by Chris Shiflett he mentions the
following in a comment: The process of escaping should preserve data,
so it should never be necessary to reverse it. When I'm auditing an
application, things like stripslashes() alert me to design problems.
Now, I'm always
On Tue, Dec 21, 2010 at 05:31:15AM +0100, Rico Secada wrote:
Hi.
In an article about SQL Injection by Chris Shiflett he mentions the
following in a comment: The process of escaping should preserve data,
so it should never be necessary to reverse it. When I'm auditing an
application, things
On Tue, 21 Dec 2010 00:32:19 -0500
Paul M Foster pa...@quillandmouse.com wrote:
On Tue, Dec 21, 2010 at 05:31:15AM +0100, Rico Secada wrote:
Hi.
In an article about SQL Injection by Chris Shiflett he mentions the
following in a comment: The process of escaping should preserve
data,
Hello,
The plug-in PDO has nothing to do with the backslashes being inserted into
the database. The backslashes are used to escape characters like in D's...it
would show D's. That's the safe behavior of it. You can change
your programming code to fix that.
Ravi.
On Tue, Dec 21,
6 matches
Mail list logo