and (hopefully,) a final update...
On Tue, Jul 19, 2005 at 10:52:43AM +0200, Martin Schulze wrote:
> > 2 is trickier. we could either repeat the process i'm about finished
> > with wrt mysql_foo for all the functions that pass variables to
> > mysql_foo, or we could do the sanity checking in the
Sean Finney wrote:
> On Tue, Jul 19, 2005 at 07:54:31AM +0200, Martin Schulze wrote:
> > Ok, I'll wait.
>
> so, a 6 hour plane flight later, i've learned 3 things:
>
> 1 - there are a number of other variables that also need to be included.
> 2 - there are a number of calls where variables are in
On Tue, Jul 19, 2005 at 07:54:31AM +0200, Martin Schulze wrote:
> Ok, I'll wait.
so, a 6 hour plane flight later, i've learned 3 things:
1 - there are a number of other variables that also need to be included.
2 - there are a number of calls where variables are indirectly passed
to mysql_foo
On Thu, Jul 14, 2005 at 07:10:30PM +0200, Martin Schulze wrote:
> Sean Finney wrote:
> > i guess i didn't in the email updating this, but did so in sanitize.php
> > itself:
>
> Yes, I saw that later. I hope, my tone wasn't too harsh.
my skin is fairly thick :)
> Yes, but the woody version does
4 matches
Mail list logo
