Mendez Perez
-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Enviado el: Miercoles, 03 de Noviembre de 2004 04:25 p.m.
Para: [EMAIL PROTECTED]
Asunto: [PHP] SQL-Injection, XSS and Hijacking
Hi,
I read now quite a lot of articles about SQL-Injection,
XSS and session
On Wed, 3 Nov 2004 19:02:22 -0800 (PST), Chris Shiflett
[EMAIL PROTECTED] wrote:
There is a lot more. I highlight some of the things I think are of
principal concern for PHP developers in something I call the PHP Security
Workbook:
http://shiflett.org/php-security.pdf
That doesn't cover
--- Jordi Canals [EMAIL PROTECTED] wrote:
I highlight some of the things I think are of principal concern
for PHP developers in something I call the PHP Security Workbook:
http://shiflett.org/php-security.pdf
That doesn't cover everything, of course, but it covers those
things I
Hi,
I read now quite a lot of articles about SQL-Injection,
XSS and session hijacking in a hopefully appropriate way.
As I understand the function addslashes(),quote_meta()
and mysql_real_escape_string() are to avoid SQL Injection
e.g. in order to use page_sliding with entered POST data
over
: [PHP] SQL-Injection, XSS and Hijacking
Hi,
I read now quite a lot of articles about SQL-Injection,
XSS and session hijacking in a hopefully appropriate way.
As I understand the function addslashes(),quote_meta()
and mysql_real_escape_string() are to avoid SQL Injection
e.g. in order to use
--- [EMAIL PROTECTED] wrote:
I read now quite a lot of articles about SQL-Injection,
XSS, and session hijacking in a hopefully appropriate way.
As I understand the function addslashes(), quote_meta(),
and mysql_real_escape_string() are to avoid SQL Injection
The database-specific escaping
6 matches
Mail list logo