[TYPO3] Adding page content dynamically
Dmitry Dulepov
typo3 at accio.lv
Thu Sep 14 14:51:16 CEST 2006
Tomas Mrozek wrote:
>> By the way, this can be insecure.., If anyone passes something, which is
>> not integer, it would be bad.
>
> Doesn't TYPO3 sanitize its queries?
It sanitizes its *own* queries. But user is responsible for his queries.
Fortunately, you can solve it easily:
andWhere.intval = 1
--
Dmitry Dulepov
http://typo3bloke.net/
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-english
mailing list