David, I certainly appreciate your comments. I'm not seeing where I am vuln. to XSS, as I am using htmlentities on the output, but I did in fact forget to escape the input to the database - http://us.php.net/addslashes is the preferred method, right?

- Jon

> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of David Dorward
> Sent: Friday, January 18, 2008 2:52 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] [Easy as Pie] Working with a Database
>
> On 18 Jan 2008, at 22:25, Jon Hughes wrote:
> > Third article in the series, let me know what you think:
> > http://www.phazm.com/notes/easy-as-pie/easy-as-pie-working-with-databases
>
> I've only briefly skimmed it ... but:
>
> With the combination of your page header, and adverts, I have to scroll down two full window lengths before I get to the content.
>
> The code is vulnerable to both SQL Injection and XSS attacks (this, by itself, is, in my opinion, reason enough to remove it from the web immediately).
>
> Your HTML form uses XHTML syntax.
>
> Blockquote elements can't directly contain character data in Strict variants of (X)HTML.
>
> You use a while loop with a counter where a for loop would probably be more appropriate.
>
> The LIMIT clause is a proprietary extension to SQL and probably should be avoided.
>
> --
> David Dorward
> http://dorward.me.uk/
> http://blog.dorward.me.uk/
>
>
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
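The two fixes this exchange is about, SQL injection on the way into the database and XSS on the way out, are shown side by side below. This is an added example written for this page; it is not code from the "Easy as Pie" article or from either poster. Two points worth knowing that the thread leaves open: addslashes() is not a safe substitute for database-aware escaping (it is charset-agnostic and knows nothing about the database's quoting rules), and prepared statements with bound parameters remove the problem entirely by keeping SQL text and data separate. The table name `notes` and its columns, the PDO DSN and the credentials are placeholders assumed for the example.

```php
<?php
// Added example, not from the article or the thread. Assumes a table
// `notes` (hypothetical) with columns `id`, `title`, `body`, reached
// through a PDO connection; DSN and credentials below are placeholders.

declare(strict_types=1);

// --- Vulnerable pattern: SQL built by string interpolation -------------
// The user-supplied value becomes part of the statement text, so the
// database cannot tell data from syntax. Kept here only as the "before".
function find_notes_unsafe(PDO $db, string $title): array
{
    $sql = "SELECT id, title, body FROM notes WHERE title = '$title'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened pattern: prepared statement with bound parameters ---------
// The statement is compiled with a placeholder; the value is sent
// separately and is never parsed as SQL, whatever characters it holds.
function find_notes(PDO $db, string $title): array
{
    $stmt = $db->prepare('SELECT id, title, body FROM notes WHERE title = :title');
    $stmt->execute([':title' => $title]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// --- Output encoding: escape at the point of HTML output ----------------
// Store the raw text; encode when rendering, with the quote flags and an
// explicit charset so stored data cannot become markup or break out of an
// attribute. htmlentities() works too, but htmlspecialchars() covers the
// characters that matter for HTML and is the usual choice.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function render_notes(array $rows): string
{
    $out = "<ul>\n";
    foreach ($rows as $row) {
        $out .= '  <li><strong>' . h($row['title']) . '</strong>: '
              . h($row['body']) . "</li>\n";
    }
    return $out . "</ul>\n";
}

// Usage (placeholder DSN/credentials). ERRMODE_EXCEPTION makes a failed
// prepare() or execute() throw instead of returning false silently.
$db = new PDO(
    'mysql:host=localhost;dbname=example;charset=utf8mb4',
    'db_user',
    'db_password',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
     PDO::ATTR_EMULATE_PREPARES => false]
);
echo render_notes(find_notes($db, $_GET['title'] ?? ''));
```

Setting `PDO::ATTR_EMULATE_PREPARES` to false makes PDO use the MySQL server's native prepared statements rather than quoting the values client-side; both are safe against injection, but the native path is the one that keeps data and statement fully separate on the wire.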