Re: Re: Sessions, Perl and MySQL


Just another Perl shrine
	PerlMonks

Re: Re: Sessions, Perl and MySQL

by runrig (Abbot)

Log in
Create a new user
The Monastery Gates
Seekers of Perl Wisdom
Meditations
Cool Uses For Perl
Obfuscation
Tutorials
Poetry
Illuminations
Reviews
Perl News
Donate
Recent Threads
Newest Nodes
Super Search
PerlMonks Discussion
What's New

on Mar 30, 2003 at 19:37 UTC ( [id://246762]=note: print w/replies, xml )

Need Help??

in reply to Re: Sessions, Perl and MySQL
in thread Sessions, Perl and MySQL

you are passing raw user input to your DB...

A serious concern here is that you can turn "where id = $something" into "where id = <anything> or 1=1" possibly letting anyone have admin access.

Comment on Re: Re: Sessions, Perl and MySQL Select or Download Code

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://246762]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others surveying the Monastery: (7)

GrandFather
marto
Tux
bojinlund
NodeReaper
CAdood
chatterbot

As of 2024-04-23 06:19 GMT

Sections^?

Seekers of Perl Wisdom
Cool Uses for Perl
Meditations
PerlMonks Discussion
Categorized Q&A
Tutorials
Obfuscated Code
Perl Poetry
Perl News
about

Information^?

PerlMonks FAQ
Guide to the Monastery
What's New at PerlMonks
Voting/Experience System
Tutorials
Reviews
Library
Perl FAQs
Other Info Sources

Find Nodes^?

Nodes You Wrote
My Watched Nodes
Super Search
List Nodes By Users
Newest Nodes
Recently Active Threads
Selected Best Nodes
Best Nodes
Worst Nodes
Saints in our Book

Leftovers^?

The St. Larry Wall Shrine
Offering Plate
Awards
Random Node
Quests

blogs.perl.org
Perlsphere
Perl Weekly
Perl.com
Perl Jobs
Perl Mongers
Perl Directory
Perl documentation
MetaCPAN
CPAN
Raku

Today I Learned

Voting Booth^?

No recent polls found