Re: Auditing Code (security wise)
Posted by Dave_L on 1197318439
I don't think queryf bypasses the text sanitizer; it just allows non-SELECT queries, such as UPDATE and INSERT, to be done when processing a GET request. But I agree that queryf should only be used in special situations when it's really needed.
This Post was from: https://www.impresscms.org/iforum/viewtopic.php?topic_id=618&post_id=5743