Mike:
On Wed, Nov 07, 2007 at 12:31:17PM +0800, [EMAIL PROTECTED] wrote:
>
> I just noticed that this client has been getting regular injection
> attacks that have been failing because it is a comment spammer and the
> INSERT query is failing on a duplicate key error.
A delayed FYI:
The term "injection attack" generally means "SQL injection attack", hence
so many people here talking about properly escaping data heading to your
database. Sometimes it means "HTML injection attack", leading to others
talking about how to escape HTML when generating pages.
Sounds like your issue turned out to be a plain old bug / programming
logic flaw.
--Dan
--
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
data intensive web and database programming
http://www.AnalysisAndSolutions.com/
4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
