WebApp Sec mailing list archives

RE: SQL injection

From: "Calderon, Juan C (CORP, DDEMESIS)" <Juan.Calderon () ddemesis ge com>
Date: Mon, 21 Apr 2003 14:30:14 -0400

********
how can i evade de slash???
********

PHP manual explains this
http://www.php.net/manual/en/ref.info.php#ini.magic-quotes-runtime

When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash 
automatically. If magic_quotes_sybase is also on, a single-quote is escaped with a single-quote instead of a backslash. 

hasta luego :)

Current thread:

SQL injection falcifer (Apr 20)
- Re: SQL injection Juan Carlos Reyes Muñoz (Apr 20)
- <Possible follow-ups>
- RE: SQL injection Calderon, Juan C (CORP, DDEMESIS) (Apr 21)