Re: securing web form interaction

[prev] [thread] [next] [Date index for 2005/02/15]

From: Octavian Rasnita
Subject: Re: securing web form interaction
Date: 19:19 on 15 Feb 2005
Hi,

I usually use placeholders in DBI. Is this enough for avoiding SQL
injections?
I have made a simple test and I have seen that it seems to be enough, but...
I am not sure.

Thanks.

Teddy

----- Original Message ----- 
From: "Ian Joyce" <ian.joyce@xxxxx.xxx>
To: "Adam Prime x443" <aprime@xxxxxxx.xxx>
Cc: "Mod-Perl ((E-mail))" <modperl@xxxx.xxxxxx.xxx>
Sent: marti, 15 februarie 2005 21:09 PM
Subject: Re: securing web form interaction


On Tue, 15 Feb 2005 14:07:22 -0500, Adam Prime x443 <aprime@xxxxxxx.xxx>
wrote:
>
> $dbh->quote() everything you can.
>

Or make it easy on yourself and just use placeholders.

--Ian

(message missing)

securing web form interaction
Jonathan Vanasco 18:02 on 15 Feb 2005

Re: securing web form interaction
ben syverson 18:36 on 15 Feb 2005

Re: securing web form interaction
Arshavir Grigorian 14:41 on 16 Feb 2005

Apache::Request equivalent of CGI::Capture?
David Naughton 21:48 on 16 Feb 2005

Re: Apache::Request equivalent of CGI::Capture?
Adam Kennedy 01:52 on 17 Feb 2005

Re: Apache::Request equivalent of CGI::Capture?
Joe Schaefer 02:22 on 17 Feb 2005

Re: securing web form interaction
Sean Davis 18:40 on 15 Feb 2005

RE: securing web form interaction
Adam Prime x443 19:07 on 15 Feb 2005

Re: securing web form interaction
Ian Joyce 19:09 on 15 Feb 2005

Re: securing web form interaction
Octavian Rasnita 19:19 on 15 Feb 2005

Re: securing web form interaction
Perrin Harkins 20:24 on 15 Feb 2005

RE: securing web form interaction
Adam Prime x443 19:11 on 15 Feb 2005

Re: securing web form interaction
Malcolm J Harwood 21:19 on 15 Feb 2005

Re: securing web form interaction
Octavian Rasnita 19:20 on 15 Feb 2005

Re: securing web form interaction
ben syverson 20:33 on 15 Feb 2005

Re: securing web form interaction
Octavian Rasnita 08:10 on 16 Feb 2005

RE: securing web form interaction
Adam Prime x443 21:13 on 15 Feb 2005

Re: Apache::Request equivalent of CGI::Capture?
Stas Bekman 03:40 on 17 Feb 2005

Re: Apache::Request equivalent of CGI::Capture?
William McKee 14:49 on 17 Feb 2005

Generated at 11:21 on 20 Feb 2005 by mariachi v0.52