Andreas Wacker

It turns out that using mysql_real_escape_string on import_request_variables you end up with tripple quotes. That\’s the problem with hacks instead of fixes: They leave a slight taste of problems. And room for people to inject some stuff.

This entry was posted on Friday, January 25th, 2008 at 12:15 am and is filed under technology. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.