Re: [Gnumed-devel] Commas

gnumed-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] Commas

From:	Horst Herb
Subject:	Re: [Gnumed-devel] Commas
Date:	Thu, 26 Jun 2003 16:55:19 +1000
User-agent:	KMail/1.5.2

On Thu, 26 Jun 2003 16:30, Karsten Hilbert wrote:
> There's also a few other "malicious" things that need to be quoted
> that would form the basis of an SQL injection attack: " '); delete
> * from ...;" added to some value.

Why worry about that?
We cannot prevent the user from executing arbitrary SQL comands anyway.
The backend catches such changes in the audit trail.

Horst

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnumed-devel] Commas, Ian Haywood, 2003/06/26
- Re: [Gnumed-devel] Commas, Karsten Hilbert, 2003/06/26
  - Re: [Gnumed-devel] Commas, Horst Herb <=
    - Re: [Gnumed-devel] Commas, Karsten Hilbert, 2003/06/26

Prev by Date: Re: [Gnumed-devel] Commas
Next by Date: Re: [Gnumed-devel] Commas
Previous by thread: Re: [Gnumed-devel] Commas
Next by thread: Re: [Gnumed-devel] Commas
Index(es):
- Date
- Thread