iRev Input Validation Libraries
Monte Goulding
monte at sweattechnologies.com
Sat Sep 18 18:12:10 EDT 2010
> just to clarify:
> active record database queries are escaped automatically by revIgniter,
> not by the server engine. Obviously the revIgniter user guide is
> capable of being misunderstood here. I will change that.
Sorry Ralf, I love your work but this is not a misunderstanding. It's clearly written at the bottom of this page:
http://revigniter.com/userGuide/database/queries.html
The secondary benefit of using binds is that the values are automatically escaped, producing safer queries. You don't have to remember to manually escape data; the engine does it automatically for you.
Cheers
--
Monte Goulding
M E R Goulding Software Development
Bespoke application development for vertical markets
InstallGadget - How to create an installer in 10 seconds
revObjective - Making behavior scripts behave
More information about the use-livecode
mailing list