[pLog-svn] php security: snoopy
Jon Daley
plogworld at jon.limedaley.com
Wed Jul 5 15:18:05 GMT 2006
That sounds good. I would also look for _POST, _GET, and HttpVar
stuff too.
On Wed, 5 Jul 2006, Ammar Ibrahim wrote:
> What I'm gonna do is to search for $this->_request->getValue and make sure
> that the Action has registered validators for every value that is being
> exported. This should fix all SQL injection problems.
>
> What do you think?
>
> Ammar
>
> On 7/5/06, Jon Daley <plogworld at jon.limedaley.com> wrote:
>>
>> Yes, although I assume there are more that we haven't discovered
>> yet.
>>
>> On Wed, 5 Jul 2006, Ammar Ibrahim wrote:
>> > Did we fix all the security problems that we know in 1.0.6?
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>
--
Jon Daley
http://jon.limedaley.com/
I always blame the software. Unless I wrote it.
Then I blame the hardware.
-- Forest Godfrey
More information about the pLog-svn
mailing list