ext_273248 ([identity profile] szasz.livejournal.com) wrote in [personal profile] moominmolly 2007-10-10 04:23 pm (UTC)

Ouch.

I wrote a dorm network management system based on Perl and MySQL years ago. I was pretty careful to feed all the form inputs to DBI::quote(), but apparently not careful enough. No one was cruel enough to slip in a DROP TABLE, but I did get a couple of snotty mails including bits of database rows that no one should be able to see.
(17 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.