[phorm] [Phorm:] Re: Protected against SQL Injection?
- From: webbbs@xxxxxxxxx
- To: support@xxxxxxxxx
- Date: 17 Aug 2004 19:40:24 -0000
The following new message has been posted on Phorm Support Forum at
<http://www.phorm.com/support/>.
***************************************************************************
MESSAGE: (#4271) Re: Protected against SQL Injection?
<http://www.phorm.com/support/?rev=4271>
AUTHOR: Holotech
DATE: August 17, 2004 at 3:40 p.m. EST
Reply To: (#4270) Protected against SQL Injection?
Author: GuanoLad
Date: August 16, 2004 at 10:35 p.m. EST
> My manager got an email via one of our Phorm forms
> that was someone attempting to hack in using something
> called SQL Injection. Is Phorm protected against that?
Yes, all values for db logging are enclosed in quotes, and all quotes in the
data are escaped.
***************************************************************************
This is an automatically-generated notice. If you'd like to be removed from
the mailing list, please visit Phorm Support Forum at
<http://www.phorm.com/support/>, or send your request to webbbs@xxxxxxxxxx If
you wish to respond to this message, please post your response directly to the
board. Thank you!
-------------------------------------------------
You are receiving this message because you are subscribed to the Phorm mailing
list. To send messages to the mailing list, simply send email to
phorm@xxxxxxxxxxxxx from the address you have subscribed. You may unsubscribe
from the list by sending email to phorm-request@xxxxxxxxxxxxx with
'unsubscribe' in the SUBJECT field.
Other related posts:
- » [phorm] [Phorm:] Re: Protected against SQL Injection?
