On Fri, 27 Aug 2004 18:29:50 -0400, Ryan Schefke <[EMAIL PROTECTED]>
wrote:
Thomas,
I'm not sure what your point is. Please expand.
Ryan
Do you really see nothing wrong with announcing to all users that they
can
run arbitrary SQL with your script?
well, the where clause in mysql is relativly
On Friday 27 August 2004 15:31, Ryan Schefke wrote:
First of all:
Using unsanitised data from forms and links is a VERY bad thing.
> Show
>
> Thank You Notes "Not Sent"
Two problems here:
1) URLs needs to be urlencode() appropriately
2) But your major problem is you're passing too
At 12:34 PM 2/11/2002 -0600, news.php.net wrote:
>My post values have backslashes added to them (such as to protect a
>double-quote).
>All the magic_quote_* settings are turned off in php.ini.
>Any ideas why this is happening?
As someone else has already mentioned, this setting could be coming fr
3 matches
Mail list logo
