PerlMonks
Re: Re: Sessions, Perl and MySQL
by runrig (Abbot) on Mar 30, 2003 at 19:37 UTC [id://246762]
you are passing raw user input to your DB... A serious concern here is that you can turn "where id = $something" into "where id = <anything> or 1=1" possibly letting anyone have admin access.
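The interpolation problem described in the post, next to a placeholder-based query, as an added example that is not part of the original post. It uses DBI with an in-memory SQLite database in place of MySQL so it runs offline; the `sessions` table, its columns and `lookup_session` are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed in-memory table; SQLite (DBD::SQLite) stands in for MySQL so the
# script runs offline. Table and column names are hypothetical.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0 });
$dbh->do('CREATE TABLE sessions (id INTEGER PRIMARY KEY, username TEXT, is_admin INTEGER)');
$dbh->do('INSERT INTO sessions VALUES (?, ?, ?)', undef, @$_)
    for [1, 'root', 1], [2, 'alice', 0], [3, 'bob', 0];

# Constructed request value: the session id is supposed to be a number.
my $something = '2 or 1=1';

# Vulnerable: the value is interpolated into the statement, so "or 1=1"
# becomes part of the SQL and the WHERE clause is true for every row.
my $unsafe = $dbh->selectall_arrayref(
    "SELECT username, is_admin FROM sessions WHERE id = $something");

# Hardened: check the expected shape first, then bind with a placeholder so
# the driver always treats the value as data, never as SQL.
sub lookup_session {
    my ($dbh, $id) = @_;
    return [] unless defined $id && $id =~ /\A[0-9]+\z/;
    return $dbh->selectall_arrayref(
        'SELECT username, is_admin FROM sessions WHERE id = ?', undef, $id);
}

my $rejected = lookup_session($dbh, $something);   # same hostile input
my $normal   = lookup_session($dbh, '2');          # well-formed id

printf "interpolated query, hostile input: %d row(s)\n", scalar @$unsafe;
printf "placeholder query, hostile input:  %d row(s)\n", scalar @$rejected;
printf "placeholder query, id 2:           %d row(s) (%s)\n",
    scalar @$normal, $normal->[0][0];
```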