On Mon, 15 Dec 2003, Tino Wildenhain wrote:

> Hi Scott,
>
> scott.marlowe wrote:
> [...]
> >
> > print "<url goes here...>?orderby=".$flds[$i]."moreurlstuffhere???";
> >
> > Then, if the orderby is set when you build your query, just append it:
> >
> > if (isset($orderby)){
> >     $query.= "order by ".$orderby;
> > }
> >
> > Add some directional control:
> >
> > if (isset($dir)){
> >     if ($dir=="down") $query.=" DESC";
> > }
> >
> [...]
>
> This leads to a nice SQL-injection possibility.
> At least it has to be made sure that no illegal
> data can be transported via $orderby

Actually, the $flds[] array var is internally generated, and you'll notice that orderby is NOT a PHP var, but a field name. Good point though, lots of folks "trust" user input without paying attention to injection issues, which is one reason I always set up servers with magic quotes on. :-)
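
The check asked for in the quoted reply, as an added example that is not part of the original message: the orderby and dir request values are matched against server-side lists before anything is appended to the query. The function name build_order_clause(), the contents of $flds and the sample query are assumptions made for illustration.

```php
<?php
// Added example: allowlist check for a sortable column and direction.
// build_order_clause(), $flds and the sample query are hypothetical.

/**
 * Return an " ORDER BY ..." suffix built only from values in the
 * server-side list, or an empty string when the request value is unknown.
 */
function build_order_clause(array $allowedFields, ?string $orderby, ?string $dir): string
{
    if ($orderby === null) {
        return '';
    }
    // Strict comparison: the request value must equal one of our own column
    // names. Escaping quotes would not help here, because the value is used
    // as an identifier, not inside a quoted string literal.
    $idx = array_search($orderby, $allowedFields, true);
    if ($idx === false) {
        return '';                      // unknown column: ignore the sort request
    }
    // Emit the string from the allowlist, never the one from the request.
    $clause = ' ORDER BY ' . $allowedFields[$idx];
    // Direction is a fixed two-value choice, as in the original snippet.
    if ($dir === 'down') {
        $clause .= ' DESC';
    }
    return $clause;
}

// Constructed sample data.
$flds  = ['id', 'name', 'created'];
$query = 'SELECT id, name, created FROM orders';

$samples = [
    ['name', 'down'],           // known column, descending
    ['created', null],          // known column, default direction
    ['name DESC, id', 'down'],  // extra SQL in the value: rejected
    [null, 'down'],             // no sort requested
];
foreach ($samples as [$orderby, $dir]) {
    echo $query . build_order_clause($flds, $orderby, $dir), "\n";
}
```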