You don't need to store it in the database as b64, just undo the
encoding into your inputs
for the purpose of the explanation, this is language independent
b64e - encoding function
b64d - decoding function
pseudo code
given:
bad_num = ') union select * from foo --'
bad_str = ""
good_num = 1234
My reply is in >> delims.
> question 1
>
> If you use the PHP filters & sanitizations, and you plan on using PDO
> with binded params, are you absolutely safe? And if not, why? What are
> the other ways for them to still make it in - even with PDO and bi
On 24 Jan 2012, at 16:53, Al wrote:
> Now, how about having the "some very talented folks" fix the severely
> restricted access to the NNTP server. Rarely can I download more than about
> 10 topics without a time out.
>
> Per your request several times over at least 2 years, I've filed bug repo
On Tue, Jan 24, 2012 at 11:53, Al wrote:
>
> Now, how about having the "some very talented folks" fix the severely
> restricted access to the NNTP server. Rarely can I download more than about
> 10 topics without a time out.
>
> Per your request several times over at least 2 years, I've filed bug
> question 1
>
> If you use the PHP filters & sanitizations, and you plan on using PDO
> with binded params, are you absolutely safe? And if not, why? What are
> the other ways for them to still make it in - even with PDO and binded
> params properly in place? Just curious.
There are no known expl
On 1/23/2012 6:22 PM, Daniel Brown wrote:
ALL:
As you may have noticed, early this morning we got bored and
decided to delete php.net from the Internet. After getting an
estimated sixteen-point-four trillion complaints, we became
overwhelmed and aggravated by your incessant need to
4 questions... which is basically all it comes to.. After all this
back and forth emails, I think we should nail down these questions
cause they are still not completely covered in my mind.
question 1
If you use the PHP filters & sanitizations, and you plan on using PDO
with binded params, are