Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re^2: is this script secured enough from internet attacks

by tercoz (Acolyte)
on Jun 17, 2011 at 08:31 UTC ( #910098=note: print w/ replies, xml ) Need Help??


in reply to Re: is this script secured enough from internet attacks
in thread is this script secured enough from internet attacks

Thank you, I shall remove that sub. As I am new here I don't know how to give points, I want to thank you and other people for helping me(points), which way can i do so7


Comment on Re^2: is this script secured enough from internet attacks
Replies are listed 'Best First'.
Re^3: is this script secured enough from internet attacks
by Sewi (Friar) on Jun 17, 2011 at 19:24 UTC

    Prepared statements and placeholders don't always work as expected (for example FreeTDS has problems there).

    unpack could cover all injection attempts:

    'INSERT INTO foo(bar) VALUES(0x'.unpack('H*',$value).')'


      how does this unpack H* insert into work?

      there are no rules, there are no thumbs..
        Hex encoded data is [0-9A-F]
        $ perl -e " print unpack q[H*], join q[],@ARGV " 1 "<" 3 " Foo" 313c3320466f6f $ perl -e " print pack q[H*], join q[],@ARGV " 313c3320466f6f 1<3 Foo
        I doubt the pack tradeoff is preferable as a workaround for a problem in FreeTDS (which I doubt exists)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://910098]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (16)
As of 2015-07-31 17:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (279 votes), past polls