logo
Toggle navigation
Begin main navigation
About
Projects
Download
Documentation
Wiki
Forums
Log In
Go!
OpenACS – The Toolkit for Online Communities
:
Forums
:
OpenACS Q&A
:
Anti SQL Injection Example (Link)
: One Message
Begin main content
Forum OpenACS Q&A: Re: Anti SQL Injection Example (Link)
Search:
Back to OpenACS Q&A
2
:
Re: Anti SQL Injection Example (Link)
(response to
1
)
Posted by
Dirk Gomez
on
01/18/05 06:13 PM
The Oracle version of OpenACS uses bind variables and is not vulnerable to SQL injection attacks: the reason is that the SQL is parsed without *any* user input at all.
Can someone explain how this works in the PostgreSQL version?
3
:
Re: Re: Anti SQL Injection Example (Link)
(response to
2
)
Posted by
Malte Sussdorff
on
01/18/05 06:44 PM
To my knowledge exactly the same way.
Back to OpenACS Q&A
