Re: Auditing Code (security wise)

by Dave_L on 2007/12/10 12:27:19

I don't think queryf bypasses the text sanitizer; it just allows non-SELECT queries, such as UPDATE and INSERT, to be done when processing a GET request. But I agree that queryf should only be used in special situations when it's really needed.