Thanx that is good news i dont use the :raw operator.
On Fri, 2010-06-25 at 10:55 +0200, Marijn Haverbeke wrote:
Hi Phil,
How susceptible is dao objects to sql injection and what measures would be suggested to prevent sql injection if it is possible with dao objects.
Unless I made a major blunder somewhere, proper use of s-sql and dao objects are completely safe from sql injection. (Improper use would be inserting an unescaped string using the :raw operator.)
Best, Marijn
postmodern-devel mailing list postmodern-devel@common-lisp.net http://common-lisp.net/cgi-bin/mailman/listinfo/postmodern-devel