This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Template:Application Security News"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
* [[http://www.newsforge.com/article.pl?sid=06/05/23/2141246 | Custom escaping considered harmful]] "Applications using 'ad-hoc methods to "escape" strings going into the database, such as regexes, or PHP3's addslashes() and magic_quotes' are particularly unsafe. Since these bypass database-specific code for safe handling of strings, many such applications will need to be re-written to become secure."
+
* '''[[http://www.newsforge.com/article.pl?sid=06/05/23/2141246 | Custom escaping considered harmful]]''' - "Applications using 'ad-hoc methods to "escape" strings going into the database, such as regexes, or PHP3's addslashes() and magic_quotes' are particularly unsafe. Since these bypass database-specific code for safe handling of strings, many such applications will need to be re-written to become secure."

Revision as of 12:01, 24 May 2006

  • [| Custom escaping considered harmful] - "Applications using 'ad-hoc methods to "escape" strings going into the database, such as regexes, or PHP3's addslashes() and magic_quotes' are particularly unsafe. Since these bypass database-specific code for safe handling of strings, many such applications will need to be re-written to become secure."
Retrieved from "https://wiki.owasp.org/index.php?title=Template:Application_Security_News&oldid=3346"