Thank you, Villas and Cliff. Cliff, I will definitely look up on the topic of MySQL injection attacks. Does using DAL better protect me against such attacks?
Thank you. On Fri, Aug 17, 2012 at 5:17 PM, Cliff Kachinske <[email protected]> wrote: > curiouslearn > > I agree it's a good idea to learn as much as you can about the underlying > database. > > That said, you need to learn about sql injection and perhaps other MySQL > attack vectors before making your application public. > > See, for example xkcd.com/327/ > > > On Friday, August 17, 2012 12:17:48 AM UTC-4, curiouslearn wrote: >> >> Hello pbreit, >> >> Thanks, I will look into that. After posting I realized, I have the same >> question for css style files and js files. Where can I store those? Can I >> just store them in one application, and call them using URL() function? Is >> that the best way, or is there something better? >> >> I am new to tools and technologies related to web-development (MySQL) >> being one of them. For some reason I have this feeling that it is important >> to have some basic knowledge of SQL and to learn how to handle some database >> (in this case MySQL) using the standard commands it provides. Hence, for >> practice I decided to make my apps using raw SQL. >> >> Thanks again for your response. Hope you or someone can suggest something >> for css/js files. >> >> Thank you. >> >> On Friday, August 17, 2012 12:05:59 AM UTC-4, pbreit wrote: >>> >>> I guess site-packages: >>> http://web2py.com/books/default/chapter/29/4?search=site-packages >>> >>> But why oh why aren't you using DAL? > > -- > > > --
