Do you know where your variables are? | |
PerlMonks |
Re: security question...by ajt (Prior) |
on Apr 25, 2003 at 08:42 UTC ( [id://253095]=note: print w/replies, xml ) | Need Help?? |
I can't comment on the SQL, but the basic princiles of web input is DON'T TRUST USER INPUT. What you need to do is filter the input so that you let through only values you want to let through, rather than filtering out values you don't want. See also:
*Added extra link. -- ajt
In Section
Seekers of Perl Wisdom
|
|