Fwd: [Bug 9932] expose mysql_real_escape_string() function
Pete
pete at mollysrevenge.com
Thu Jan 5 15:46:00 EST 2012
Sorry guys, forwarded the wrong email in my last post re SQL injection -
here's the correct one.
---------- Forwarded message ----------
From: <rqcc-daemon at var.on-rev.com>
Date: Thu, Jan 5, 2012 at 4:31 AM
Subject: [Bug 9932] expose mysql_real_escape_string() function
To: pete at mollysrevenge.com
http://quality.runrev.com/show_bug.cgi?id=9932
michael.mccreary at runrev.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|major |enhancement
Status|UNCONFIRMED |NEW
Ever Confirmed|0 |1
------- Comment #1 from michael.mccreary at runrev.com 2012-01-05 06:31
-------
Hi Andre
Thanks very much for the report. I'm changing this to a an enhancement
request.
The function mysql_real_escape_string (and its equivalents for the other
database types) is called internally by revDB when passing data using
variable
lists (for an example, see the dictionary entry for revQueryDatabase).
This is
the preferred method for escaping data.
Warm Regards
Michael
--
Configure bugmail: http://quality.runrev.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are a voter for the bug, or are watching someone who is.
--
Pete
Molly's Revenge <http://www.mollysrevenge.com>
More information about the use-livecode
mailing list