Will Insensitive Like become potential sql injection?

Yung-Luen Lan Thu, 28 Aug 2008 08:50:12 -0700

Hi,

I want to match my email case-insensitively, it seems that the easiest
way is using ERXQ.ILIKE.


I wonder if that will introduce SQL injection vulnerability into my system:
assuming adversary have * or % in his email address query string, will
that hurt my database security?

Regards,
yllan
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to [EMAIL PROTECTED]

Will Insensitive Like become potential sql injection?

Reply via email to