Posted by tg-php on 03/27/05 07:12

Thanks a ton, Chris & Chris! Clear, concise and informative answers are always the best :) I knew the basic theory but never looked into the specifics on what, exactly, could be harmful in cases like this. In cases of security 'common sense' isn't always helpful because it's the uncommon sense that'll bite you in the behind.

Thanks again!

-TG

= = = Original message = = =

Chris Ramsay wrote:
> This is excellent:
>
> http://www.shiflett.org/

I'm glad you think so. :-)

There's a free article there on SQL injection:

http://shiflett.org/articles/security-corner-apr2004

I'm always refining the methods in which I explain things like SQL
injection, so my replies on this thread might be as good or better than
that article. The article also has user comments at the bottom, so you
might find something useful there also.

Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/


___________________________________________________________
Sent by ePrompter, the premier email notification software.
Free download at http://www.ePrompter.com.



--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.8.3 - Release Date: 3/25/2005

[Back to original message]