[postmodern-devel] sql injection

Phil Marneweck haragx at gmail.com
Fri Jun 25 14:21:02 UTC 2010


Thanks, that is good news. I don't use the :raw operator.


On Fri, 2010-06-25 at 10:55 +0200, Marijn Haverbeke wrote:

> Hi Phil,
> 
> > How susceptible are dao objects to SQL injection, and what measures would
> > be suggested to prevent SQL injection if it is possible with dao objects?
> 
> Unless I made a major blunder somewhere, proper use of s-sql and dao
> objects is completely safe from SQL injection. (Improper use would be
> inserting an unescaped string using the :raw operator.)
> 
> Best,
> Marijn

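The distinction drawn in the reply above, shown as an added example that is not part of the original thread or of Postmodern's own code. It assumes the s-sql system is already loaded; the `users` table, the `name` column and the three function names are hypothetical. No database connection is needed because s-sql only builds the query string.

```lisp
;;; Added example: s-sql escaping versus the :raw operator.
;;; Assumes the s-sql system (shipped with Postmodern) is already loaded.

;; Constructed sample input. The single quote is the character that
;; closes a SQL string literal.
(defparameter *input* "x' OR 'a'='a")

(defun safe-query (name)
  "NAME is an ordinary Lisp value, so s-sql escapes it at run time and
emits it as one string literal."
  (s-sql:sql (:select '* :from 'users :where (:= 'name name))))

(defun unsafe-query (name)
  "Improper use: NAME is pasted into a fragment by hand and handed to
:raw, which inserts the fragment into the query unchanged."
  (let ((fragment (concatenate 'string "name = '" name "'")))
    (s-sql:sql (:select '* :from 'users :where (:raw fragment)))))

(defun raw-with-escaping (name)
  "If :raw cannot be avoided, escape the value first.
s-sql:sql-escape-string returns the complete quoted literal, so no
quotes are added by hand."
  (let ((fragment (concatenate 'string "name = "
                               (s-sql:sql-escape-string name))))
    (s-sql:sql (:select '* :from 'users :where (:raw fragment)))))

;; Print the three generated queries side by side. In the unsafe one the
;; quote in *input* ends the literal early and the rest of the input is
;; parsed as part of the WHERE clause.
(dolist (builder '(safe-query unsafe-query raw-with-escaping))
  (format t "~&~a:~%  ~a~%" builder (funcall builder *input*)))
```

When reviewing a code base that uses Postmodern, searching for `:raw` forms and checking where each argument comes from covers the improper use named in the reply.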
