php-general Digest 24 Jan 2012 15:45:52 - Issue 7663
Topics (messages 316375 through 316387):
Re: Update mailing list docs - How to unsubscribe?
316375 by: Geoff Shang
Re: php.net problems?
316376 by: Donovan Brooke
316377 by: Daniel Brown
316378 by: Donovan
4 questions... which is basically all it comes to. After all these
back-and-forth emails, I think we should nail down these questions
cause they are still not completely covered in my mind.
question 1
If you use the PHP filters sanitizations, and you plan on using PDO
with bound params, are
On 1/23/2012 6:22 PM, Daniel Brown wrote:
ALL:
As you may have noticed, early this morning we got bored and
decided to delete php.net from the Internet. After getting an
estimated sixteen-point-four trillion complaints, we became
overwhelmed and aggravated by your incessant need to
question 1
If you use the PHP filters sanitizations, and you plan on using PDO
with bound params, are you absolutely safe? And if not, why? What are
the other ways for them to still make it in - even with PDO and bound
params properly in place? Just curious.
There are no known exploits
On Tue, Jan 24, 2012 at 11:53, Al n...@ridersite.org wrote:
Now, how about having some very talented folks fix the severely
restricted access to the NNTP server. Rarely can I download more than about
10 topics without a time out.
Per your request several times over at least 2 years, I've
On 24 Jan 2012, at 16:53, Al wrote:
Now, how about having some very talented folks fix the severely
restricted access to the NNTP server. Rarely can I download more than about
10 topics without a time out.
Per your request several times over at least 2 years, I've filed bug reports.
My reply is in delims.
question 1
If you use the PHP filters sanitizations, and you plan on using PDO
with bound params, are you absolutely safe? And if not, why? What are
the other ways for them to still make it in - even with PDO and bound
params properly in place? Just curious.
You don't need to store it in the database as b64, just undo the
encoding into your inputs
for the purpose of the explanation, this is language independent
b64e - encoding function
b64d - decoding function
pseudo code
given:
bad_num = ') union select * from foo --'
bad_str =
good_num =