Vulnerability Development mailing list archives
Re: sql injection and php
From: Florian Weimer <Weimer () CERT Uni-Stuttgart DE>
Date: Wed, 29 May 2002 11:54:19 +0200
Jacek Lach <jlach () utopia pl eu org> writes:
Does the magic_quotes in php's configuration resolves the problem of sql injection?
It depends. If your database uses the same escaping strategy as PHP, it may be safe. -- Florian Weimer Weimer () CERT Uni-Stuttgart DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898
Current thread:
- sql injection and php Jacek Lach (May 28)
- Re: sql injection and php Sverre H. Huseby (May 29)
- Re: sql injection and php Greg Hunt (May 29)
- Re: sql injection and php Sverre H. Huseby (May 29)
- Re: sql injection and php Greg Hunt (May 29)
- Re: sql injection and php Florian Weimer (May 29)
- Re: sql injection and php Sverre H. Huseby (May 29)
- Re: sql injection and php Jacek Lach (May 29)
- Re: sql injection and php Sverre H. Huseby (May 29)
- Re: sql injection and php Lincoln Yeoh (May 29)
- Re: sql injection and php Sverre H. Huseby (May 29)