Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re^8: DBH Insert of Binary Data

by Joost (Canon)
on Mar 19, 2005 at 01:44 UTC ( #440846=note: print w/ replies, xml ) Need Help??


in reply to Re^7: DBH Insert of Binary Data
in thread DBH Insert of Binary Data

So now I'm getting curious: are there DBD drivers where you could get an SQL injection attack while still using the quote method correctly?

Just to make myself as clear as I can: I agree that using placeholders is usually the best and most efficient technique, but I am under the impression that using quote() would (or at least, should) catch all attempts of "breaking out of" an SQL value.

updated: s/attact/attack/


Comment on Re^8: DBH Insert of Binary Data
Replies are listed 'Best First'.
Re^9: DBH Insert of Binary Data
by jZed (Prior) on Mar 19, 2005 at 01:46 UTC
    > are there DBD drivers where you could get an SQL injection
    > attact while still using the quote method correctly?
    
    Not that I know of.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://440846]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (7)
As of 2015-07-30 00:51 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (269 votes), past polls