Secure Coding mailing list archives
RE: Scripting Languages and Secure Coding + code
From: "Robert Shields" <rshields () star net uk>
Date: Fri, 05 Dec 2003 15:19:43 +0000
Hi, That sounds like a good arguement for parameterized queries. Regards, Rob Shields
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 04 December 2003 19:56 To: SC-L Cc: [EMAIL PROTECTED] Subject: Re: [SC-L] Scripting Languages and Secure Coding + code Hey, if you're using SQL there, the user may just enter '%' or any other wilcard char, which makes it a lot easier. When testing you'll find that this works with just too many apps.
This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk _____________________________________________________________________
Current thread:
- Re: Scripting Languages and Secure Coding + code Louis Solomon [SteelBytes] (Dec 05)
- <Possible follow-ups>
- RE: Scripting Languages and Secure Coding + code Robert Shields (Dec 05)
- Re: Scripting Languages and Secure Coding + code Andrew Rucker Jones (Dec 06)
- Re: Scripting Languages and Secure Coding + code M.K.Pai (Dec 08)