PerlMonks
Re^3: SQL Injection myths under DBI
by Jaap (Curate) on Apr 12, 2005 at 09:46 UTC ([id://446905])
Insults aside, tilly makes a good point here. You conclude that ONLY the ' is a problem because you could not find a problem with any other character/sequence. Now if anyone else finds a problem with any other character you are screwed. Generally speaking, it is better to ALLOW characters that you know are safe (whitelisting) than to DISALLOW characters that you know are unsafe.
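The contrast drawn in the post above, as an added example that is not part of the original post or thread: a denylist that handles only the single quote passes every other character through unexamined, while an allowlist rejects anything outside a set already known to be safe. The function names, the permitted character set, the length limit and the sample inputs are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Denylist (hypothetical helper): neutralise the one character known to be
# unsafe, the single quote, and pass everything else through untouched.
sub denylist_filter {
    my ($value) = @_;
    (my $escaped = $value) =~ s/'/''/g;
    return $escaped;
}

# Allowlist (hypothetical helper): accept the value only if every character
# is in a set known to be safe. The set and the 32-character limit are
# assumptions for a username-like field. \A and \z anchor the whole string,
# so a trailing newline is not silently accepted the way it would be with $.
sub allowlist_check {
    my ($value) = @_;
    return defined $value && $value =~ /\A[A-Za-z0-9_.-]{1,32}\z/ ? 1 : 0;
}

# Constructed sample inputs: two ordinary values, the known-bad quote, and
# several characters that the denylist author never evaluated either way.
my @samples = (
    "alice",
    "bob_smith-2",
    "o'brien",
    "back\\slash",
    "nul\0byte",
    "line\nbreak",
    "caf\x{e9}",
);

for my $input (@samples) {
    # Render non-printable and non-ASCII characters visibly for the report.
    (my $shown = $input) =~ s/([^\x20-\x7e])/sprintf('\\x{%02x}', ord $1)/ge;
    my $deny  = denylist_filter($input) ne $input ? "escaped" : "passed as-is";
    my $allow = allowlist_check($input) ? "accept" : "reject";
    printf "%-16s denylist: %-13s allowlist: %s\n", $shown, $deny, $allow;
}
```

Only the value containing the quote is altered by the denylist; the remaining unusual values reach the next layer unchanged, whereas the allowlist accepts just the first two samples and needs no update when a new problematic character is discovered.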