On Thu, 14 Aug 2003, moshe doron wrote:
> > E.g.,
> >
> > $id = "0; drop bar";
> > lamesql_query("select foo from bar where id = $id");
> >
> that's the mysql way....
> with sybase style (used by sqlite), the is no need to separator, makes the
> detection even harded.
uhm? SQLite definitely needs a seperator there.
Derick
--
"Interpreting what the GPL actually means is a job best left to those
that read the future by examining animal entrails."
-------------------------------------------------------------------------
Derick Rethans http://derickrethans.nl/
International PHP Magazine http://php-mag.net/
-------------------------------------------------------------------------
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
