4 questions... which is basically all it comes down to. After all these
back-and-forth emails, I think we should nail down these questions
because they are still not completely covered in my mind.
question 1
If you use the PHP filters & sanitizations, and you plan on using PDO
with bound params, are
On 1/23/2012 6:22 PM, Daniel Brown wrote:
ALL:
As you may have noticed, early this morning we got bored and
decided to delete php.net from the Internet. After getting an
estimated sixteen-point-four trillion complaints, we became
overwhelmed and aggravated by your incessant need to
> question 1
>
> If you use the PHP filters & sanitizations, and you plan on using PDO
> with bound params, are you absolutely safe? And if not, why? What are
> the other ways for them to still make it in - even with PDO and bound
> params properly in place? Just curious.
There are no known expl
On Tue, Jan 24, 2012 at 11:53, Al wrote:
>
> Now, how about having the "some very talented folks" fix the severely
> restricted access to the NNTP server. Rarely can I download more than about
> 10 topics without a time out.
>
> Per your request several times over at least 2 years, I've filed bug
On 24 Jan 2012, at 16:53, Al wrote:
> Now, how about having the "some very talented folks" fix the severely
> restricted access to the NNTP server. Rarely can I download more than about
> 10 topics without a time out.
>
> Per your request several times over at least 2 years, I've filed bug repo
My reply is in >> delims.
> question 1
>
> If you use the PHP filters & sanitizations, and you plan on using PDO
> with bound params, are you absolutely safe? And if not, why? What are
> the other ways for them to still make it in - even with PDO and bi
You don't need to store it in the database as b64; just undo the
encoding on your inputs.
for the purpose of the explanation, this is language independent
b64e - encoding function
b64d - decoding function
pseudo code
given:
bad_num = ') union select * from foo --'
bad_str = ""
good_num = 1234