[postmodern-devel] sql injection

Hi, how susceptible are dao objects to sql injection, and what measures would be suggested to prevent sql injection if it is possible with dao objects? Thank you.

Hi Phil,

> How susceptible are dao objects to sql injection, and what measures would be suggested to prevent sql injection if it is possible with dao objects?

Unless I made a major blunder somewhere, proper use of s-sql and dao objects is completely safe from sql injection. (Improper use would be inserting an unescaped string using the :raw operator.)

Best,
Marijn

Thanks, that is good news. I don't use the :raw operator.

On Fri, 2010-06-25 at 10:55 +0200, Marijn Haverbeke wrote:
> Hi Phil,
>
>> How susceptible are dao objects to sql injection, and what measures would be suggested to prevent sql injection if it is possible with dao objects?
>
> Unless I made a major blunder somewhere, proper use of s-sql and dao objects is completely safe from sql injection. (Improper use would be inserting an unescaped string using the :raw operator.)
>
> Best,
> Marijn
Participants (2)
- Marijn Haverbeke
- Phil Marneweck
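
The difference discussed in the thread between passing a value through s-sql and splicing it in with the :raw operator, as an added example that is not code from either participant or from the Postmodern project. The `users` table, its columns, the function names and the input string are assumptions made up for illustration, and the file assumes Quicklisp is available to load s-sql.

```lisp
;; Added example. Load this file from a REPL that has Quicklisp set up,
;; e.g. (load "s-sql-raw-demo.lisp"), so s-sql exists before the forms
;; below are read.
(ql:quickload :s-sql :silent t)

;; Constructed sample input containing a single quote.
(defparameter *input* "x' OR '1'='1")

(defun query-with-value (name)
  "NAME is used as a value inside the s-sql form, so s-sql escapes it
and emits it as one SQL string literal."
  (s-sql:sql (:select 'id :from 'users :where (:= 'name name))))

(defun query-with-raw (name)
  "Improper use: the caller builds SQL text by hand and hands it to :raw,
which inserts the string into the query unescaped."
  (s-sql:sql (:select 'id :from 'users
              :where (:raw (concatenate 'string "name = '" name "'")))))

(defun query-with-raw-escaped (name)
  "If :raw cannot be avoided, escape the value first with
s-sql:sql-escape-string, which returns a quoted SQL string literal."
  (s-sql:sql (:select 'id :from 'users
              :where (:raw (concatenate 'string
                                        "name = "
                                        (s-sql:sql-escape-string name))))))

(defun show (label query)
  (format t "~&~24a ~a~%" label query))

;; Print the three generated statements side by side. In the first and
;; third the whole input stays inside one string literal; in the second
;; the quote in the input ends the literal and the rest becomes SQL.
(show "value via s-sql:" (query-with-value *input*))
(show ":raw, unescaped:" (query-with-raw *input*))
(show ":raw, escaped first:" (query-with-raw-escaped *input*))
```

No database connection is needed; the functions only build query strings, so the output can be inspected directly or compared in a code review of any existing :raw call sites.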