On 8 November 2013 09:45, Tim Delaney <timothy.c.dela...@gmail.com> wrote:
> On 8 November 2013 09:18, Νίκος Αλεξόπουλος <nikos.gr...@gmail.com> wrote: > >> I feel a bit proud because as it seems i have manages to secure it more >> tight. All i need to do was to validate user input data, so the hacker >> won't be able again to pass bogus values to specific variables that my >> script was using. >> > > So we now have confirmation that Nikos' site is subject to SQL injection > attacks on anything that he is not specifically validating. And I'm > absolutely sure that he has identified every location where input needs to > be validated, and that it is impossible to get past the level of validation > that he's doing, so the site is completely secure! Just like the last time > he claimed that (and the time before, and the time before that ...). > Not to mention the idiocy of exposing your web server logs to the outside world ... (no - I didn't go there - I want no chance of getting malware from his site). Tim Delaney
-- https://mail.python.org/mailman/listinfo/python-list
