On 8 November 2013 09:18, Νίκος Αλεξόπουλος <nikos.gr...@gmail.com> wrote:
> I feel a bit proud because as it seems i have manages to secure it more > tight. All i need to do was to validate user input data, so the hacker > won't be able again to pass bogus values to specific variables that my > script was using. > So we now have confirmation that Nikos' site is subject to SQL injection attacks on anything that he is not specifically validating. And I'm absolutely sure that he has identified every location where input needs to be validated, and that it is impossible to get past the level of validation that he's doing, so the site is completely secure! Just like the last time he claimed that (and the time before, and the time before that ...). Nikos, please please please do yourself and your customers a favour and quit your so-called "business". All you are doing is opening your customers up to potentially disastrous situations and yourself to lawsuits. It's not a question of *if*, but *when* one of your customers is compromised to the extent that they decide to take it out of you. Also, you're an embarrassment to our profession. Tim Delaney
-- https://mail.python.org/mailman/listinfo/python-list
