On Thu, 2008-07-17 at 15:46 -0500, Micah Gersten wrote: > What can help is if one app only has access to it's own DB. Also, for > mysql, there is the mysql_real_escape_string function for a reason. Well I agree with that of course... but the post by Stut indicated the interviewee thought he could punt all DB security to the DBA. Obviously it's important that the app developer use appropriate programming techniques to achieve security in conjunction with the DBA. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
