Correct me if I am wrong, but it was my impression that any direct actions (insert actions, update actions) were safe from SQL injection if you used Witango/Terascript server, but that if you choose to use a direct DBMS statement, these ARE vulnerable to SQL injection.
___________________ Sent from my iPad 2 8) On Aug 21, 2011, at 7:03 PM, "Fogelson, Steve" <stevefogel...@askics.net> wrote: > Please share what you come up with. I am always interested in anything to do > with PCI compliance. > > Steve Fogelson > > From: Robert Shubert [mailto:rshub...@tronics.com] > Sent: Sunday, August 21, 2011 1:29 PM > To: Witango-Talk@witango.com > Subject: RE: Witango-Talk: Witango / TeraScript MySQL escape meta tag > > Steve, > > I’d like to look at your specific situation in more detail. Escaping of > values in SQL statements should be automatically handled by TeraScript Server. > > Robert > > From: Steve Briggs [mailto:st...@wowpages.com] > Sent: Sunday, August 21, 2011 11:30 AM > To: Witango-Talk@witango.com > Subject: Witango-Talk: Witango / TeraScript MySQL escape meta tag > > I need to convert a bunch of old TAF's for PCI compliance and I'm looking for > the easiest way to escape insert and update statements to avoid SQL > injections. Does anyone have a custom meta tag similar to PHP's > mysql_escape_string? i.e. <@MYSQLESCAPE <@POSTARG first_name>> > > Or any other suggestions as to the best way to go about this? > > Thanks! > > -- Steve > > > > > ************************************************** > Steve Briggs > Wow Pages > Portland, Maine > Longmont, Colorado > > 207-761-2450 > 888-325-5907 > > st...@wowpages.com > > ************************************************** > > > > > > > To unsubscribe from this list, please send an email to lists...@witango.com > with "unsubscribe witango-talk" in the body. > > To unsubscribe from this list, please send an email to lists...@witango.com > with "unsubscribe witango-talk" in the body. > To unsubscribe from this list, please send an email to lists...@witango.com > with "unsubscribe witango-talk" in the body. ---------------------------------------- To unsubscribe from this list, please send an email to lists...@witango.com with "unsubscribe witango-talk" in the body.
