I guess I should proof on the server then. Very well -----Original Message----- From: Paul Bennett [mailto:paul at teltest.com] Sent: Tuesday, February 04, 2003 2:11 PM To: thelist at lists.evolt.org Subject: Re: [thelist] PHP tip Rob Whitener wrote: >Thanks for the enlightenment, I found a whitepaper on SQL injections >(http://www.spidynamics.com/papers/SQLInjectionWhitePaper.pdf) in case >anyone else needs the info. > >Also, if I check everything on the client side before I submit it to my php >script would that alleviate the threat of sql injection? > No, turn off javascript and "poof" goes all your cunning form checking -- Paul Bennett Internet Developer Teltest Electronic Design -------------------------- Phone : 64 4 237 0767 Web : http://www.teltest.com Wap : http://wap.teltest.com Email : paul at teltest.com -------------------------- -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !