Re^2: Prevent SQL Injection


Do you know where your variables are?
	PerlMonks

Re^2: Prevent SQL Injection

by davidj01 (Novice)

on Apr 10, 2008 at 16:14 UTC ( [id://679523]=note: print w/replies, xml )

Need Help??

in reply to Re: Prevent SQL Injection
in thread Prevent SQL Injection

Hi,

I've been updating my programs to use only place holders. I'm now looking at the next step.

"When you're outputting it as HTML, then HTML-encode it."

My question is naive but could you provide a couple of examples in order to clearly define what is meant by HTML-encode and in these examples show how one is handling any insecurities or difficult to display characters (I presuppose the single and dbl quote)

Thank-you
David J.

Comment on Re^2: Prevent SQL Injection

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://679523]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others pondering the Monastery: (6)

As of 2024-04-25 11:42 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found