[support] query, like and %s
Michel Morelli
michel at ziobuddalabs.it
Sat Sep 5 07:34:36 UTC 2009
Ivan Sergio Borgonovo ha scritto:
>> But when i show the output of this query the result for q is
>> wrong. Is correct if I exec this code:
>>
>
> No, because it is prone to sql injection.
>
I know it. Don't consider me so stupid! It was to say that the query works.
If the solution is "%%%s%%" tnx for the reply.
M.
--
Michel 'ZioBudda' Morelli michel at ziobuddalabs.net
Sviluppo applicazioni CMS DRUPAL e web dinamiche (LAMP+Ajax)
Telefono: 0200619074
Telefono Cell: +39-3939890025 -- Fax: +39-0291390660
http://www.ziobudda.net ICQ: 58351764
http://www.ziobuddalabs.it Skype: zio_budda
http://www.ziodrupal.net MSN: michel at ziobuddalabs.it
JABBER: michel at ziobuddalabs.it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.drupal.org/pipermail/support/attachments/20090905/5fb240a4/attachment.htm>
More information about the support
mailing list