Another issue is the cross site scripting attempts. I can make a site that can enter massive amounts of data on your system. Or make a website that looks like yours and lead a victim to use my site thinking they are filling in your form and take their information in the process but let the user continue as if nothing happened.
On Thu, Jul 4, 2013 at 8:47 AM, Jason (spot) Brower <[email protected]>wrote: > Never tried myself but I found this... > https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet > > > > On Thu, Jul 4, 2013 at 8:45 AM, Jason (spot) Brower > <[email protected]>wrote: > >> If your not validating the data some how on the server then oh yes, very >> bad thing. >> >> >> On Thu, Jul 4, 2013 at 8:43 AM, qwer qwer <[email protected]> wrote: >> >>> I have used normal html forms instead of web2py forms at many >>> places.Does this make sql injections possible? Can someone please give an >>> example of such an injection, if possible. thanks >>> >>> -- >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>> >>> >> >> > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
