subject:"Re\: \[U2\] SQL Injection \(was Select Problem\)"

RE: [U2] SQL Injection (was Select Problem)

2009-04-14 Thread Tony G

From: Israel, John Thanks for all the replies. Yeah, it was doing a pattern match, but not one that I would have expected... It's precisely due to issues like this that I recommend unaudited/unfiltered end-user input never be used in queries. This is the definition of SQL injection which

Re: [U2] SQL Injection (was Select Problem)

2009-04-14 Thread Israel, John R.

u2-users@listserver.u2ug.org Sent: Tue Apr 14 18:23:45 2009 Subject: RE: [U2] SQL Injection (was Select Problem) From: Israel, John Thanks for all the replies. Yeah, it was doing a pattern match, but not one that I would have expected... It's precisely due to issues like this that I