[CS-FSLUG] sql queries

Timothy Butler tbutler at ofb.biz
Sat Dec 20 18:24:44 CST 2008

> You will also need to read up on sql injection and do some
> processing of $pg before using it in a query.  The example I just
> presented is vulnerable to injection.

	And boy is that a pain! I've been slowly phasing out PHP-Nuke sites,  
because they seem to be a walking injection target -- even more recent  


Timothy R. Butler | "The yellow fog that rubs its back upon the window- 
Editor, OfB.biz   | The yellow smoke that rubs its muzzle on the  
tbutler at ofb.biz   | Licked  its  tongue  into the  corners  of  the   
timothybutler.us  | Lingered upon the pools that stand in drains."
T.S. Eliot
