the security string letter by
letter.
I think it is not very complicated to create that kind of file.
Teddy
- Original Message -
From: ben syverson [EMAIL PROTECTED]
To: modperl@perl.apache.org
Sent: Tuesday, February 15, 2005 10:33 PM
Subject: Re: securing web form interaction
On Feb 15
ben syverson wrote:
On Feb 15, 2005, at 12:02 PM, Jonathan Vanasco wrote:
preemptive defense of potential SQL injection attacks
Check out mod_security http://www.modsecurity.org -- it has this
built-in. (There's an intro here:
http://www.onlamp.com/pub/a/apache/2003/11/26/mod_security.html,
Can anyone give me some tips for securing web form interaction?
I'm looking specifically for 2 things:
preemptive defense of potential SQL injection attacks
'human only' readable gifs on forms to preemptively defend against
bots without using some crazed throttling scheme
On Feb 15, 2005, at 1:02 PM, Jonathan Vanasco wrote:
Can anyone give me some tips for securing web form interaction?
I'm looking specifically for 2 things:
preemptive defense of potential SQL injection attacks
See CGI::Untaint on CPAN for routine untainting.
Sean
Can anyone give me some tips for securing web form interaction?
I'm looking specifically for 2 things:
preemptive defense of potential SQL injection attacks
$dbh->quote() everything you can.
that too, assuming that your DBD supports them.
-Original Message-
From: Ian Joyce [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 15, 2005 2:09 PM
To: Adam Prime x443
Cc: Mod-Perl ((E-mail))
Subject: Re: securing web form interaction
On Tue, 15 Feb 2005 14:07:22 -0500, Adam Prime
Don't forget to create a sound file also that will contain the pass phrase,
because otherwise the blind visitors won't be able to use your site.
: Mod-Perl ((E-mail)) modperl@perl.apache.org
Sent: Tuesday, 15 February 2005 21:09 PM
Subject: Re: securing web form interaction
On Tue, 15 Feb 2005 14:07:22 -0500, Adam Prime x443 [EMAIL PROTECTED]
wrote:
$dbh->quote() everything you can.
Or make it easy on yourself and just use placeholders
On Feb 15, 2005, at 1:20 PM, Octavian Rasnita wrote:
Don't forget to create a sound file also that will contain the pass
phrase,
because otherwise the blind visitors won't be able to use your site.
Wow -- this is a great idea -- do you have any links to sites which
implement this? I'd like to see
Hi Folks I usually use placeholders in DBI. Is this
enough for avoiding SQL injections? Keywords:
Inject, SQL,