On-Rev mySQL security issues?

Björnke von Gierke bvg at mac.com
Sun Nov 27 06:40:35 EST 2011


comprehensive list:
https://www.owasp.org/index.php/Top_10_2010-Main

the top two entries should be understood at least on a basic level:
http://en.wikipedia.org/wiki/SQL_injection
http://en.wikipedia.org/wiki/Cross-site_scripting

Obviously some things do not apply to Rev-based code, but for example SQL injections can happen, depending on how you code them, if you validate user inputs wrongly, and so on. It's a vast topic, and the easiest way to deal with it is to trust someone else to code properly, so RevIgniter might be the right thing to learn.


On 26 Nov 2011, at 16:51, Tim Selander wrote:

> Hi,
> 
> I'm beginning to learn how to use <?rev scripts to access mysql databases on my on-rev.com account.
> I am going to allow users to search a catalog, but no uploading and no data entry or data editing...
> What, if any, security problems do I need to consider? mySQL newbie...
> 
> Thanks,
> 
> Tim Selander
> Tokyo, Japan


-- 
Watch live presentations every Saturday:
http://livecode.tv

Use an alternative Dictionary viewer:
http://bjoernke.com/bvgdocu/

Chat with other RunRev developers:
http://bjoernke.com/chatrev/
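
Added example, not part of the original message and not On-Rev or RevIgniter code: a read-only catalog search written two ways, showing that whether SQL injection is possible depends on how the query is coded. Python and an in-memory SQLite table stand in for the <?rev script and the MySQL database; the table, column and function names and the sample rows are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample catalog; sqlite3 stands in for the MySQL database.
ROWS = [
    (1, "Blue Widget", 1),
    (2, "Red Widget", 1),
    (3, "Unreleased Gadget", 0),   # not meant to appear in public search
    (4, "100% Cotton Bag", 1),
]

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE catalog "
               "(id INTEGER PRIMARY KEY, title TEXT, published INTEGER)")
    db.executemany("INSERT INTO catalog VALUES (?, ?, ?)", ROWS)
    return db

def search_concat(db, term):
    # Weak form: the search term becomes part of the SQL text itself,
    # so a quote in the term changes what the statement means.
    sql = ("SELECT title FROM catalog WHERE title LIKE '%" + term +
           "%' AND published = 1 ORDER BY id")
    return [row[0] for row in db.execute(sql)]

def escape_like(term, esc="\\"):
    # Make the escape character, % and _ literal inside a LIKE pattern.
    for ch in (esc, "%", "_"):
        term = term.replace(ch, esc + ch)
    return term

def search_bound(db, term):
    # Corrected form: the SQL text is fixed and the term is bound as data.
    sql = ("SELECT title FROM catalog WHERE published = 1 "
           "AND title LIKE ? ESCAPE '\\' ORDER BY id")
    pattern = "%" + escape_like(term) + "%"
    return [row[0] for row in db.execute(sql, (pattern,))]

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR 1=1 --"       # constructed test input
    print("concat:", search_concat(db, crafted))
    print("bound: ", search_bound(db, crafted))
    print("bound, literal %:", search_bound(db, "%"))
    try:
        search_concat(db, "O'Brien")   # ordinary input with a quote
    except sqlite3.OperationalError as err:
        print("concat fails on a plain apostrophe:", err)
```

Even with no upload or editing features, the concatenated version lets the search box reach rows the page never meant to show; the bound version treats every character of the term as data.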




