On Mon, 17 Feb 2003, Paul Querna wrote: > - Add end user SQL query as suggested on apache-dev
And or change the apr_pstrcat into things like select "%s" from %s with an apr_pstrNprintf( with a nice limit; as some of the values are from potentially doggy sources; such as .htaccess file made by possibly hostile users and from the network. > - Test Scalling/Stability Aye - you want to triple/double check your mysql_free()'s I'd guess. Or have one exit after the claim you go to with an 'return e' set to AUTH_USER_X Y or Z. Just to make it a bit more defensive. Or wrap inside a function or soemthing :-). You could also move/remove some of your DEBUG_AUTH_MYSQL to a APLOG_DEBUG; that may make more sense ? Dw,