Re: Re: Selecting a special row from the database

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, May 8, 2007 6:54 am, Marcelo Wolfgang wrote:
> About the sql injection, the db user I set for this has only select
> privileges, should I be worried even with this ?

Only if you care about somebody constructing a query that snarfs down
your entire database so they can steal it...

Or if you ever decide to change that "read only" setting for a more
dynamic site, with user feedback, and suddenly you have a few zillion
queries to worry about...

This was all a not-so-subtle way of saying "YES" in case you missed it.

Good Practice is Good Practice

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux