Thanks for all the tips guys. I'll keep the last couple for future
reference.
--
Chip
Gareth Heyes <[EMAIL PROTECTED]> wrote on 01/26/2005 05:30:45 AM:
> >> if(isset($_GET['id'])) {
> >> $id=$_GET['id'];
> >> $query = "select bin_data, filetype from binary_data where id=$id";
>
> This is a really bad example, anybody can inject your query with
> malicious sql commands.
> Never trust user supplied data.
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
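
The point made in the quoted reply, shown as an added example that is not part of the original thread: the same lookup with the request value pasted into the SQL text, next to a version that validates the id and binds it as a parameter. The PDO driver with an in-memory SQLite database, the function names fetchInterpolated and fetchBound, and the sample rows and inputs are assumptions made for illustration; only the table and column names come from the quoted query.

```php
<?php
// Constructed in-memory table standing in for the thread's binary_data (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE binary_data (id INTEGER PRIMARY KEY, bin_data BLOB, filetype TEXT)');
$pdo->exec("INSERT INTO binary_data VALUES (1, 'GIF89a', 'image/gif'), (2, '%PDF-1.4', 'application/pdf')");

// Pattern from the thread: the request value becomes part of the SQL text itself.
// fetchInterpolated is a hypothetical name used only in this example.
function fetchInterpolated(PDO $pdo, string $id): array
{
    $query = "select bin_data, filetype from binary_data where id=$id";
    return $pdo->query($query)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: reject anything that is not a non-negative integer, then bind it.
// fetchBound is a hypothetical name used only in this example.
function fetchBound(PDO $pdo, string $id): array
{
    $value = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($value === false) {
        throw new InvalidArgumentException('id must be a non-negative integer');
    }
    $stmt = $pdo->prepare('select bin_data, filetype from binary_data where id = :id');
    $stmt->bindValue(':id', $value, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: one ordinary id and one value that carries SQL of its own.
foreach (['1', '0 OR 1=1'] as $id) {
    $label = "'" . $id . "'";
    printf("id=%-12s interpolated: %d row(s)\n", $label, count(fetchInterpolated($pdo, $id)));
    try {
        printf("id=%-12s bound:        %d row(s)\n", $label, count(fetchBound($pdo, $id)));
    } catch (InvalidArgumentException $e) {
        printf("id=%-12s bound:        rejected (%s)\n", $label, $e->getMessage());
    }
}
```

The validation and the bound parameter are two separate layers: the bound parameter alone already keeps the value out of the SQL text, and the integer check gives the caller a clear error instead of an empty result.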