yup...a very predictable reply. just keep living in your fake dream but watch out. reality does bite!
On 9/6/07, Muhadly Acho <[EMAIL PROTECTED]> wrote: > > > LMFAO...seperti yg saya duga. > =============================== > Yes, I'm laughing your FA now.. :D > > > > hehe...saya perlu belajar ilmu yg ditunjukin di atas yaitu: ilmu ngeles. > > sudah jelas di post anda sebelumnya anda menyarankan filter sql keywords > spt > > drop, truncate, dll. > > anda juga mengatakan query filter (padahal filter juga salah, yg benar > itu > > escaping characters) > > bisa di ganti dengan db privilege utk masalah ini. > ======================================================== > Lihat post saya sebelumnya, dibagian script yg saya kasih: > > $arrstring = array ("insert", "select", "update", "delete", > "truncate","replace", "drop", " or ", ";", "#", "--", "=" ); > > > Disini saya ngga cuma menyaring sql command, tapi juga character2 spt > [--] dan [;] > Sekarang, siapa yang ngeles? anda sendiri men-judge saya ngga faham > betul sejauh mana peran db privillages dalam mengatasi SQL injection, > lalu saya tanya anda, apa yg bisa dilakukan SQL injection jika > privillagesnya di batasi? Anda ngga jawab, malah berseru kalau saya > tukang ngeles.. > > satu lagi, bagian mana yg saya bilang "QUERY FILTER" ?? saya ngga > pernah bilang Query Filter, saya bilang String Filter... Look > Einstein, baca dulu yg bener. > > well, ini namanya diskusi bung. Bukan masalah ngeles atau menang atau > kalah. Anda harus tau itu. > > > -- > www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia > Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] > > > Yahoo! Groups Links > > > > [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/ITCENTER/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/