Re: [sqlite] User input checking

2012-03-23 Thread Roger Binns
On 23/03/12 06:33, Don V Nielsen wrote:
> Ruby on Rails -- ActiveRecord. ActiveRecord prevents sql injections, I think. Using ERB in the html would give you that kind of functionality. Correct?
I don't see the relevance of your comment. The req

Re: [sqlite] User input checking

2012-03-23 Thread Don V Nielsen
Ruby on Rails -- ActiveRecord. ActiveRecord prevents sql injections, I think. Using ERB in the html would give you that kind of functionality. Correct?
dvn
On Fri, Mar 23, 2012 at 2:49 AM, Roger Binns wrote:
> I also forgot to mention doing

Re: [sqlite] User input checking

2012-03-23 Thread Roger Binns
I also forgot to mention doing all that stuff on a second connection. Open that one read-only (SQLITE_OPEN_READONLY). You can also double check a statement makes no changes: http://www.sqlite.org/c3ref/stmt_readonly.html
Roger

Re: [sqlite] User input checking

2012-03-23 Thread Roger Binns
On 22/03/12 22:57, Steinar Midtskogen wrote:
> I'm planning to allow users to make database queries through a web page. I'm thinking of letting the user provide the string that goes between SELECT and FROM using the sqlite3 command tool, but wha

[sqlite] User input checking

2012-03-22 Thread Steinar Midtskogen
I'm planning to allow users to make database queries through a web page. I'm thinking of letting the user provide the string that goes between SELECT and FROM using the sqlite3 command tool, but what kind of input checking is then needed? Obviously, I need to check that the input doesn't contain