[ic] Form Input and Database Insert Safety, Interchange

Andrew N augustine.andrew at gmail.com
Sun May 21 23:47:29 EDT 2006


Hello.
I have a quick question.

I am going to take a form input from users to our web site and write a
database record based on it.  Pretty common I know.  I've done it
before, but now I am more concerned about security because the form
field that is being logged will go verbatim into the database.

I am running 4.9.5.  Is there a native tag, or does someone have a
useful Perl statement(s) that would strip out harmful characters and
avoid things like SQL bombs?

Thank you.


Andy
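
An added example, not part of the original post and not Interchange's own code: the form field is validated and then passed to the database as a bound parameter, so it can be stored verbatim without being parsed as SQL. It assumes Perl DBI with DBD::SQLite installed; the `feedback` table, its columns and the sample submissions are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is installed; an in-memory database stands in
# for the real table. Table and column names are hypothetical.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do('CREATE TABLE feedback (id INTEGER PRIMARY KEY, email TEXT, comment TEXT)');

# Validate shape and size first; reject rather than silently rewrite.
# Returns a reason string on failure, nothing on success.
sub validate {
    my ($email, $comment) = @_;
    return 'email format'   unless defined $email
        && $email =~ /\A[^\s@]{1,64}@[A-Za-z0-9.-]{1,255}\z/;
    return 'comment length' unless defined $comment
        && length($comment) >= 1 && length($comment) <= 2000;
    return 'control chars'  if $comment =~ /[\x00-\x08\x0B\x0C\x0E-\x1F]/;
    return;
}

# Placeholders keep the value out of the SQL text entirely, so quotes,
# semicolons and comment markers are stored as data, never parsed as SQL.
my $insert = $dbh->prepare('INSERT INTO feedback (email, comment) VALUES (?, ?)');

# Constructed sample submissions (not real user data).
my @submissions = (
    [ 'pat@example.com', q{It's great; thanks -- Pat} ],
    [ 'not-an-address',  'hello' ],
    [ 'lee@example.com', "bad\x00byte" ],
);

for my $s (@submissions) {
    my ($email, $comment) = @$s;
    if (my $why = validate($email, $comment)) {
        print "rejected ($why)\n";
        next;
    }
    $insert->execute($email, $comment);
    print "stored\n";
}

# Read back: the accepted comment comes out exactly as submitted.
my ($stored) = $dbh->selectrow_array('SELECT comment FROM feedback WHERE id = 1');
print "round-trip ok\n" if $stored eq q{It's great; thanks -- Pat};

# Where a statement must be built as a string, let the driver do the quoting.
print $dbh->quote(q{It's}), "\n";
```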


