P is for Practical | |
PerlMonks |
Re: Use placeholders. For SECURITY!by theAcolyte (Pilgrim) |
on Nov 21, 2003 at 11:58 UTC ( [id://308853]=note: print w/replies, xml ) | Need Help?? |
Sorry for a pretty late reply to this post. While I agree with Tilly's post (using placeholders being a Good Thing) if your database is open to subjugation via sql injection, you ought to rethink a few things ... I don't have any "professional" programming education, but it became aparent to me on my first day of playing with mySQL that you ought to do two things when you have a database table storing credit card info on the web (or anything else that sensitive):
I would imagine, even if you don't understand the idea of placeholders, or preventing a sql injection attack, this ought to stop many potential problems. BTW, if I'm completely wrong, and these steps accomplish nothing, tell me. :-) - theAcolyte
In Section
Meditations
|
|