[thelist] SQL Update CORRECTION

Jason Robbins evolt at whisky-fudge.org.uk
Fri Jul 16 09:08:13 CDT 2004


Been taking in what you guys have said with great interest.

Question - If I went through each string before using it as a parameter 
to search for quotes and either refussed to run the sql statement or 
deleted the quotes first - would that solve the majority of sql 
injection attacks?

Jas


More information about the thelist mailing list