• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Will Insensitive Like become potential sql injection?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Will Insensitive Like become potential sql injection?

  • Subject: Will Insensitive Like become potential sql injection?
  • From: "Yung-Luen Lan" <email@hidden>
  • Date: Thu, 28 Aug 2008 23:50:04 +0800
Hi,

I want to match my email case-insensitively, it seems that the easiest
way is using ERXQ.ILIKE.

I wonder if that will introduce SQL injection vulnerability into my system:
assuming adversary have * or % in his email address query string, will
that hurt my database security?

Regards,
yllan
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Will Insensitive Like become potential sql injection?
      • From: Mike Schrag <email@hidden>
  • Prev by Date: Re: open programmatically a component in a new browser window
  • Next by Date: Re: Will Insensitive Like become potential sql injection?
  • Previous by thread: Re: FrontBase reverse engineering with WOLips
  • Next by thread: Re: Will Insensitive Like become potential sql injection?
  • Index(es):
    • Date
    • Thread