Re: Effectiveness of pg_escape_string at blocking SQL injection


--- Ed Finkler <coj@xxxxxxxxxxxxxxxxx> wrote:
> Volkan YAZICI wrote:
> 
> [snip]
> 
> > If you think they're not enough for SQL-Injection attacks, I'd advise
> > you to patch libpq code, not PHP.
> 
> This is very helpful information.  My initial thinking is that this
> wouldn't be effective at catching SQL injections, but I'll need to
> bounce this off a few other folks.
> 
> Thanks!

do let us all know what you find out.

bruno and all...  what are bind parameters?  how can i
avoid building sql from user input when my sql depends
on user input?

tia...
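
Bind parameters, the subject of the question above, shown as an added example that is not part of the original message or thread: with PHP's pgsql extension, `pg_query_params()` sends the SQL text and the values separately, so a value is never parsed as SQL, and the parts of a query that cannot be parameters (column names, sort direction) are picked from a fixed allow-list. The `users` table, its columns and the function names are assumptions for illustration.

```php
<?php
// Added example, not code from the thread. The users table, its columns
// and all function names are assumptions made for illustration.

// Identifiers (column names, sort direction) cannot be bind parameters,
// so user input only selects from a fixed allow-list.
const SORT_COLUMNS = ['name' => 'name', 'joined' => 'created_at'];

function build_user_search(string $sortKey, string $direction): string
{
    $column = SORT_COLUMNS[$sortKey] ?? 'name';
    $dir = strtoupper($direction) === 'DESC' ? 'DESC' : 'ASC';
    // $1 and $2 are placeholders; no user-supplied text enters the SQL string.
    return 'SELECT id, name FROM users WHERE name = $1 AND active = $2'
         . " ORDER BY {$column} {$dir}";
}

// $conn is an open connection from pg_connect().
function search_users($conn, string $name, bool $active, string $sortKey, string $direction): array
{
    $sql = build_user_search($sortKey, $direction);
    // Values are sent to the server separately from the SQL text.
    $result = pg_query_params($conn, $sql, [$name, $active ? 't' : 'f']);
    if ($result === false) {
        throw new RuntimeException(pg_last_error($conn));
    }
    return pg_fetch_all($result) ?: [];
}

// Constructed inputs: an unknown sort key or direction falls back to the
// defaults instead of reaching the SQL text.
echo build_user_search('joined', 'desc'), PHP_EOL;
echo build_user_search('joined; --', "desc' --"), PHP_EOL;
```

The two `echo` lines need no database; `search_users()` needs a reachable PostgreSQL server.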


		

