[TYPO3-english] SQL Injection & Cross-site scripting
Iban Cardona i Subiela
icardona at serialnet.net
Wed Nov 16 16:40:12 CET 2011
Hello,
Thank you so much to all!
I think this link is very useful:
http://www.slideshare.net/dulepov/writing-secure-code
On 11/16/2011 03:30 PM, Jigal van Hemert wrote:
> Hi,
>
> On 16-11-2011 15:22, Peter Kühnlein wrote:
>> Since there are numerous ways to perform an sql-injection, you have to
>> protect your installation multiply. One thing might be the following
>> http://www.t3node.com/blog/prevent-sql-injection-in-typoscript-when-using-strings-from-get-parameters/
>>
>
> Since TYPO3 4.4 you can use markers in a CONTENT TypoScript object [1]
> to prevent SQL injections.
>
> [1]
> http://buzz.typo3.org/article/safety-and-flexibility-in-typoscript-queries/
>
--
* IBAN CARDONA I SUBIELA*
More information about the TYPO3-english
mailing list