Sql-injection functions and techniques for escaping(take 3):
authorbradymiller <bradymiller@users.sourceforge.net>
Sat, 2 Mar 2013 07:45:37 +0000 (23:45 -0800)
committerbradymiller <bradymiller@users.sourceforge.net>
Tue, 5 Mar 2013 03:12:47 +0000 (19:12 -0800)
commitf33c777e8dcef6eb44dbfae6f44ab8d62c372dae
tree1fdd405dfe7de8fbec01b7df91dc688904b34581
parent4f63b1834f46bca385632e0134723baff1e17abd
Sql-injection functions and techniques for escaping(take 3):
1. When variables within limits
2. When variable for the sort order
3. When variable for an identifier
(all of these are things that are exceptions to standard binding/escaping)
interface/globals.php
library/formdata.inc.php
library/pnotes.inc