Wow,
Thanks for all the ideas, I'll explore all of them. I have the content
people messing with the adm so it's hard to try things I don't fully
understand by now
About the sql injection, the db user I set for this has only select
privileges, should I be worried even with this ?
Thanks
About the sql injection, the db user I set for this has only select
privileges, should I be worried even with this ?
Absolutely. If I have select privs, I could possibly select passwords,
credit card numbers, or whatever else sensitive info you have in your db.
JM
--
PHP General
On Tue, May 8, 2007 6:54 am, Marcelo Wolfgang wrote:
About the sql injection, the db user I set for this has only select
privileges, should I be worried even with this ?
Only if you care about somebody constructing a query that snarfs down
your entire database so they can steal it...
Or if you
3 matches
Mail list logo
