[TYPO3-dev] macina_banner 1.4.1 diff
Lars Houmark
lars at houmark.com
Sat Jun 16 06:31:01 CEST 2007
On 16/06/07 2:02, in article
mailman.1.1181952173.21939.typo3-dev at lists.netfielders.de, "Christoh
Koehler" <christoph.koehler at gmail.com> wrote:
> So had I run it through intval first, I would have been okay?
Yes, in the case you expect the value to be a number an intval would be just
fine to insure against a SQL injection in the case.
To learn more, you should read the section about security in extentions in
your own extensions in [1].
Or even better. Read the entire [2]. Very good as good night reading, once a
week in 3 continues month ;)
[1]
http://typo3.org/documentation/document-library/core-documentation/doc_core_
cgl/4.1.0/view/1/5/
[2]
http://typo3.org/documentation/document-library/core-documentation/doc_core_
cgl/
- Lars
More information about the TYPO3-dev
mailing list