On Tue, May 8, 2007 6:54 am, Marcelo Wolfgang wrote: > About the sql injection, the db user I set for this has only select > privileges, should I be worried even with this ? Only if you care about somebody constructing a query that snarfs down your entire database so they can steal it... Or if you ever decide to change that "read only" setting for a more dynamic site, with user feedback, and suddenly you have a few zillion queries to worry about... This was all a not-so-subtle way of saying "YES" in case you missed it. Good Practice is Good Practice -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
