, February 08, 2001 3:54 PM
To: '[EMAIL PROTECTED]'
Subject: Bad: Re: [Zope-dev] ZSQL using LIKE operator
No, this is bad!! Do NOT do this - it will allow Bad characters in your SQL
query that could allow mischievous people to tamper with your Db and
possibly hack your box
(depending upon what
No, this is bad!! Do NOT do this - it will allow Bad characters in your SQL
query that could allow mischievous people to tamper with your Db and
possibly hack your box
(depending upon what DB you are using, how it is configured, what user it
runs as, etc)
This is the whole reason the dtml-sqlvar t