[TYPO3-english] SQL Injection & Cross-site scripting

Jigal van Hemert jigal at xs4all.nl
Wed Nov 16 15:30:05 CET 2011


On 16-11-2011 15:22, Peter Kühnlein wrote:
> Since there are numerous ways to perform an sql-injection, you have to
> protect your installation multiply. One thing might be the following
> http://www.t3node.com/blog/prevent-sql-injection-in-typoscript-when-using-strings-from-get-parameters/

Since TYPO3 4.4 you can use markers in a CONTENT TypoScript object [1] 
to prevent SQL injections.


Kind regards / met vriendelijke groet,

Jigal van Hemert.

More information about the TYPO3-english mailing list