"Marcus BöRger" <[EMAIL PROTECTED]> wrote in message > md> http://www.phpbuilder.com/mail/php-developer-list/2003022/0062.php > > Bullshit. > > If the cracker can change one of your sql statements he already has access to > your machine. In that case he wouldn't bother changing your sql statements. >
that's the point. if the cracker can change only the end of the query, it's not so usefull for him (he can maximum get other id) but if he can chain totally new query, he may or may no bother changing your sql statements.... moshe. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
