Hi all. In my apps I'm using select with clase="my_column like
('%s%')" %(myvariable). I'm wondering does SqlObject can escape
values that I put in select (to pretend e.g. SqlInjection). Does
anyone know something about that? Or I shoud write my own
"protection filter" ??
Best wishes
Grzegorz
----------------------------------------------------
Interaktywna wystawa HI-TECH z Tokio ODKRYWANIE CZASU
nauka eksperyment zabawa - Warszawa, Pałac Kultury i Nauki
do 29.11.2006 r. wspaniała rozrywka dla całej rodziny.
http://klik.wp.pl/?adr=http%3A%2F%2Fadv.reklama.wp.pl%2Fas%2Focz.html&sid=734
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
sqlobject-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/sqlobject-discuss
