[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [PROGRAMMERING] Re: håndtere fejl i mysqlquerys



sslug@sslug (Adam Sjøgren) writes:

> Hva' sker i dit program hvis brugeren indtaster dette som regulært
> udtryk:
>
>  .*"; DELETE FROM customer LIMIT 1000; SELECT * FROM customer WHERE companyname = "haha
>
> eller lignende?

I perl ville man bruge sql-placeholders. Det kan man tilsyneladend
eikke i mysql., der skal man selv escape sin streng med
mysql_real_escape_string();


-- 
 Peter Makholm     |    Yes, you can fight it, but in the end the ultimate
 sslug@sslug |                           goal of life is to have fun
 http://hacking.dk |                                     -- Linus Torvalds


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 22:44 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *