On Dec 4, 2009, at 3:15 PM, iuri de araujo sampaio wrote:
reading the last discussion ...
aside the magic words from Don to just change $id to :id that would
solve the issue
and the nice and very conceptual answer from jeff i tried to play a
bit in attempt to understand and and practice the sqlinjection stuff
I tried to run the following tcl script
set id 1456
set sql_query "select * from acs_objects where object_id = :id"
set db [ns_db gethandle]
set selection [ns_db select $db $sql_query]
ns_db getrow $db $selection
but i got an error at [ns_db gethandle]
i ran the scripts from tcl page within directory www
how do i fix it?
Since you're doing this in an openacs instance, use the openacs db_*
API.
----
Don Baccus
http://donb.photo.net
http://birdnotes.net
http://openacs.org
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<lists...@listserv.aol.com> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
