Serious question: if an attacker has the necessary access to modify the data in the table (because that is what it would take to cause a problem) or if someone installs a malicious module do I really have any way to stop it?
<br><br><div><span class="gmail_quote">On 6/19/06, <b class="gmail_sendername">Dries Buytaert</b> <<a href="mailto:dries.buytaert@gmail.com">dries.buytaert@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>On 19 Jun 2006, at 18:41, Earl Dunovant wrote:<br>> These fields are coming from the database, and the table is<br>> populated with data from <a href="http://Amazon.com">Amazon.com</a>. I prefer scrubbing it on the
<br>> way in (admittedly not doing that at the moment because I figured<br>> if you can hijack <a href="http://Amazon.com">Amazon.com</a>'s servers you're going to get me if<br>> you want to anyway). The fewer places I have to worry about it, the
<br>> better.<br><br>That doesn't work. People (or modules) could edit or modify the node<br>at any time, and then you'd be toast. :-)<br><br>--<br>Dries Buytaert :: <a href="http://www.buytaert.net/">http://www.buytaert.net/
</a><br><br></blockquote></div><br>