Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Inconsistent escaping of problem characters for SQL (' & etc.)
02-25-2014, 03:14 PM (This post was last modified: 02-25-2014 03:14 PM by serakfalcon.)
Post: #3
RE: Inconsistent escaping of problem characters for SQL (' & etc.)
Quote:There needs to be a system wide solution in webERP to prepare data and escaping dependent on context, rather than lump everything together and treat the data the same way.

Yes, this exactly. On another related note, all the SQL queries inside the php to render the site is a little scary. MVC anyone? Or have I just been around developers who are a little too strict Huh

In my own case so far I've just gone into the SQL table and modified the offending entries, which has worked fine for me, the issue is, I shouldn't HAVE to do that.
Find all posts by this user
Quote this message in a reply
Post Reply 


Messages In This Thread
RE: Inconsistent escaping of problem characters for SQL (' & etc.) - serakfalcon - 02-25-2014 03:14 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)