Re: security question...


Do you know where your variables are?
	PerlMonks

Re: security question...

by ajt (Prior)

on Apr 25, 2003 at 08:42 UTC ( [id://253095]=note: print w/replies, xml )

Need Help??

in reply to security question, mysql, limit, dbi, and placeholders

I can't comment on the SQL, but the basic princiles of web input is DON'T TRUST USER INPUT. What you need to do is filter the input so that you let through only values you want to let through, rather than filtering out values you don't want.

See also:

Security?
Ovid's CGI Course: CGI Security
davorg's CGI Notes: CGI Security - *new link
Perl Training Australia: Perl CGI (PDF) Chapter six

*Added extra link.

--
ajt

Comment on Re: security question...

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://253095]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others perusing the Monastery: (2)

As of 2024-04-20 13:23 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found