(Btw, sorry for leaving ilia off this, but [EMAIL PROTECTED] isn't resolving and the mail server here is bugged atm and refusing to accept the message)
> -----Original Message-----
> From: Ilia Alshanetsky [mailto:[EMAIL PROTECTED]
> Sent: Thursday, August 14, 2003 8:07 AM
> To: moshe doron; [EMAIL PROTECTED]
> Subject: Re: [PHP-DEV] Re: PHP 4.3.3RC3 Released
>
> First of all this discussion bears no relevance to the 4.3.3 release as sqlite
> is NOT part of this release. Secondly this is just plain silly. PHP is not
> and is not responsible for validating input. If the user chooses not to and
> consequently leaves their scripts vulnerable to SQL injection it is their
> fault and their fault alone.

It's insanely easy to make such mistakes though, and php.net is full of such problems (I found 2 in 15 minutes), so it's not a 'stupid developer' issue, as you guys make the same mistakes, and are extremely experienced. Why make such bugs massive security holes when, with a good design in PHP itself, you can reduce them to often just minor errors, or even prevent their class 100%? I.e., you can do without snprintf and only use sprintf, but there's a reason for snprintf to exist, don't you agree?

The problem is string compositing SQL queries. With a SQL command builder interface, query hacks don't occur. Right now, string compositing mysql queries with unvalidated input often results in just minor bugs, as from what I hear the mysql extension can't do chained queries yet, so there's no risk of someone injecting whatever SQL they choose, making it much harder to do evil.

> Ability to chain queries is an extremely useful feature that most database
> systems support (even MySQL as of version 4.0). To cripple or disable such
> functionality would be absolute idiocy not to mention break backwards
> compatibility to older versions where this was possible.

If you want to allow chained queries, please consider only allowing them through a SQL command builder interface. They are just too dangerous to allow string composited queries to use.
If you really care about security, deprecate string composited queries altogether in favor of a builder interface. That would eliminate a huge class of PHP hacks, and the need for the magic quotes system. Why not?

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
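An added illustration of the two approaches argued over above (not code from the thread or from PHP): Python's sqlite3 module stands in for a PHP database extension, with a string-composited query beside a bound-parameter one, run against a constructed in-memory table. The table rows and the test input are constructed for this example.

```python
import sqlite3

# Constructed sample rows standing in for an application's user table.
SAMPLE_USERS = [("alice", "alice@example.test"), ("bob", "bob@example.test")]


def make_db():
    """Create an in-memory SQLite database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_composited(conn, name):
    """String-composited query: the input is spliced into the SQL text.
    Kept here only to show the failure mode the thread describes."""
    sql = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_bound(conn, name):
    """Bound parameter (the 'builder interface' idea): SQL text and value
    travel separately, so the value is never parsed as SQL."""
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def demo():
    conn = make_db()
    # Constructed input with a quote and a tautology. It changes the query's
    # meaning without needing chained statements at all.
    hostile = "alice' OR '1'='1"
    composited = find_user_composited(conn, hostile)  # matches every row
    bound = find_user_bound(conn, hostile)            # matches nothing
    # The sqlite3 driver refuses a second, chained statement outright,
    # mirroring the "no chained queries" situation the message describes.
    try:
        find_user_composited(conn, "alice'; SELECT * FROM users WHERE '1'='1")
        chained_refused = False
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        chained_refused = True
    return len(composited), len(bound), chained_refused


if __name__ == "__main__":
    print(demo())  # (2, 0, True)
```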