OK,
Clearer understanding on the article and the function of db_placeholders, thanks for the patience all. Surprised a bit I didn't wind up on fire.
Warren Vail
-----Original Message-----
From: Greg Knaddison [mailto:greg@growingventuresolutions.com]
Sent: Monday, April 11, 2011 9:34 AM
To: support@drupal.org
Cc: Warren Vail
Subject: Re: [support] Place holders in SQL query
On Mon, Apr 11, 2011 at 10:21 AM, Warren Vail warren@vailtech.net wrote:
Your article seems to suggest that the whole concept of db_placeholders is not valid. How would you do any query where parameters come from a form without this vulnerability?
Please re-read the article and the comment on the article.
Thanks, Greg