We don't bite newbies here... much | |
PerlMonks |
Re: is this script secured enough from internet attacksby moritz (Cardinal) |
on Jun 10, 2011 at 12:23 UTC ( [id://909106]=note: print w/replies, xml ) | Need Help?? |
The antiInjection sub is bullshit. The real way to prevent SQL injections is to use prepared statements and placeholders, instead of disallowing use of some SQL keywords in data.
The checks for "forbidden characters" in the params depends on what you want to do with them eventually, so there's no way for us to assess if it's secure for your use case.
In Section
Seekers of Perl Wisdom
|
|