
Security issue!!!

Posted by anonymous 22.04.2006 00:55

Should check the SQL queries before executing them, but there is no such function in DaoGen.


Re: Security issue!!!

Posted by anonymous 09.10.2006 12:33

Before calling the DAO's function, you can call mysql_real_escape_string to translate the dangerous symbols.


Re: Re: Security issue!!!

Posted by anonymous 11.02.2008 23:22

> anonymous 09.10.2006 12:33
> Before calling the DAO's function, you can call mysql_real_escape_string to translate the dangerous symbols.

But the DAO's function should call mysql_real_escape transparently to the user...
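
What the last reply asks for, shown as an added example (not part of the thread and not DaoGen's generated code): a hypothetical `UserDao` whose methods bind values themselves, so callers never escape anything. It swaps in PDO prepared statements for `mysql_real_escape_string`, and assumes PHP 7.4+ with the `pdo_sqlite` extension; the table, class and sample values are constructed.

```php
<?php
// Added example: hypothetical DAO, not DaoGen output.
// PDO prepared statements over an in-memory SQLite database.

class UserDao
{
    private PDO $db;

    public function __construct(PDO $db)
    {
        $this->db = $db;
        // Raise exceptions on SQL errors instead of returning false.
        $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    }

    // Values are bound, never concatenated into the SQL text, so the
    // caller does not have to escape input before calling the DAO.
    public function create(string $name, string $email): int
    {
        $stmt = $this->db->prepare(
            'INSERT INTO users (name, email) VALUES (:name, :email)'
        );
        $stmt->execute([':name' => $name, ':email' => $email]);
        return (int) $this->db->lastInsertId();
    }

    public function findByName(string $name): array
    {
        $stmt = $this->db->prepare(
            'SELECT id, name, email FROM users WHERE name = :name'
        );
        $stmt->execute([':name' => $name]);
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
}

$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$dao = new UserDao($db);

// Constructed sample input containing SQL metacharacters.
$odd = "O'Brien'; --";
$dao->create('alice', 'alice@example.test');
$dao->create($odd, 'ob@example.test');

// Both values are compared as plain data: the first matches only its
// own row, the second matches nothing.
var_dump(count($dao->findByName($odd)) === 1);
var_dump(count($dao->findByName("x' OR '1'='1")) === 0);
```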