[support] Place holders in SQL query
Warren Vail
warren at vailtech.net
Mon Apr 11 17:10:38 UTC 2011
OK,
Clearer understanding on the article and the function of db_placeholders,
thanks for the patience all. Surprised a bit I didn't wind up on fire.
Warren Vail
-----Original Message-----
From: Greg Knaddison [mailto:greg at growingventuresolutions.com]
Sent: Monday, April 11, 2011 9:34 AM
To: support at drupal.org
Cc: Warren Vail
Subject: Re: [support] Place holders in SQL query
On Mon, Apr 11, 2011 at 10:21 AM, Warren Vail <warren at vailtech.net> wrote:
>
> Your article seems to suggest that the whole concept of db_placeholders is
> not valid. How would you do any query where parameters come from a form
> without this vulnerability?
Please re-read the article and the comment on the article.
Thanks,
Greg
--
Greg Knaddison | 720-310-5623 | http://growingventuresolutions.com
http://masteringdrupal.com - Videos and Tutorials
More information about the support
mailing list