[thelist] PHP tip

rudy r937 at interlog.com
Tue Feb 4 12:47:02 CST 2003


> What kind of vulnerabilites? Security risks or design flaws?

perhaps both

do a google for "sql injection"

as for the design, you will surely someday have a form where one or more
fields are optional, in which case they will be empty, which will result in
your script trying to insert a zero-length string, which is not the right
value to insert into database fields that are optional (use NULL instead)


rudy




More information about the thelist mailing list