[H-GEN] Server-side Aggregator
Michael Anthon
michael at anthon.net
Thu Feb 23 20:51:49 EST 2006
You could also get yourself a gmail account and use it's built in
aggregator...
On 2/24/06, Stephen Thorne < stephen.thorne at gmail.com> wrote:
>
> I don't like PHP, everyone knows this.
Lot's of people don't
I found two SQL injection bugs in gregarius, in 5 minutes.
But that's not really a PHP problem. The problem there is people with no
understanding of how to write safe database driven web interfaces. I could
personally write code in probably 4 or 5 languages that would be open to SQL
injection attacks. If you want to blame anyone here, blame MySQL for not
implementing bind variables [1]
Cheers,
Michael
[1] Not that binds are a panacea for this problem (since you can still screw
it up by not using binds) but it makes it a lot easier to do it properly in
the first place
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20060224/ac9f6bf9/attachment.html>
More information about the General
mailing list