Does anyone know what is going on in the background of LiveCode's revExecuteSQL
command (and related commands: revOpenDatabase revDataFromQuery, etc)? Are
there any security features available? Is it safe to use these calls (read and
write) to a server-side database in a commercially released
Hi Dan,
For any calls that access a remote database, you should use the form that
includes :1, :2, etc in the SQL statement and variable name(s) to
supply the values for those placeholders.
That protects against SQL injection attacks and also removes the need to
escape quote characters in your
Use encryption when setting up your database connection.
Bob S
On Nov 12, 2014, at 07:29 , Dan Friedman d...@clearvisiontech.com wrote:
Does anyone know what is going on in the background of LiveCode's
revExecuteSQL command (and related commands: revOpenDatabase
revDataFromQuery, etc)?
Dan-
Wednesday, November 12, 2014, 7:29:06 AM, you wrote:
Is it safe to use these calls (read and write) to a server-side
database in a commercially released app?
No.
Or, is it just really intended for local databases?
That's more the case. Any database worth talking about will