[Typo3] Re: How to send form data to Page PHP Content

Mark Gillingham markgill at uwalumni.com
Thu Apr 14 03:06:19 CEST 2005


Jens Scheidtmann wrote:
> 
> Doesn't create this a SQL Injection vulnerability?
> Shouldn't one use mysql(_real)_escape_string?
> 
> http://php.net/mysql_real_escape_string
> http://php.net/mysql_escape_string
> 
> Jens
> 

Thank you for pointing this out. I wouldn't have discovered this 
on my own in this timely manner.

Mark



More information about the TYPO3-english mailing list