WHY IS php-general@xxxxxxxxxxxxx PUBLISHING USER EMAIL ON THE INTERNET: http://www.google.co.uk/search?q=sumitphp5%40gmail.com&sourceid=navclient-ff&ie=UTF-8&rlz=1B3GGGL_enGB303GB303&aq=t On Fri, May 22, 2009 at 11:28 AM, Sumit Sharma <sumitphp5@xxxxxxxxx> wrote: > Thanks to [0] => Ashley, [1] =>Bruce, [2] => Michael, [3] => Shawn, [4] => > Eddie and php-general list for all your support from bottom of my heart. > > > Now it seems as if I will be able to design my project more secured than > before. If you get > any other idea please suggest me. > > > Thanks, > Sumit. > > > > > > > > ---------- Forwarded message ---------- > From: Michael A. Peters <mpeters@xxxxxxx> > Date: Fri, May 22, 2009 at 4:50 AM > Subject: Re: SECURITY PRECAUTION BEFORE SUBMITTING DATA IN DATABASE > To: Eddie Drapkin <oorza2k5@xxxxxxxxx> > Cc: php-general@xxxxxxxxxxxxx > > > Eddie Drapkin wrote: > > > Suhosin is completely not-related to SQL, though, I don't know why you'd > > bring it up... > > > > I brought it up because suhosin catches many exploits that otherwise get > through, including exploits that allow inclusion of remote files that can > then be used to run arbitrary commands on the server, send include files > (such as the db authentication script) as plain text, all kinds of nasty > can > result. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- Best Wishes A Williams
