Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

Re^8: DBH Insert of Binary Data

by Joost (Canon)
on Mar 19, 2005 at 01:44 UTC ( #440846=note: print w/replies, xml ) Need Help??


in reply to Re^7: DBH Insert of Binary Data
in thread DBH Insert of Binary Data

So now I'm getting curious: are there DBD drivers where you could get an SQL injection attack while still using the quote method correctly?

Just to make myself as clear as I can: I agree that using placeholders is usually the best and most efficient technique, but I am under the impression that using quote() would (or at least, should) catch all attempts of "breaking out of" an SQL value.

updated: s/attact/attack/

Replies are listed 'Best First'.
Re^9: DBH Insert of Binary Data
by jZed (Prior) on Mar 19, 2005 at 01:46 UTC
    > are there DBD drivers where you could get an SQL injection
    > attact while still using the quote method correctly?
    
    Not that I know of.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://440846]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (3)
As of 2017-08-20 11:10 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Who is your favorite scientist and why?



























    Results (315 votes). Check out past polls.

    Notices?