Paranoid about database access - have I entered safety or overkill

From: David M.
Sent on: Friday, January 16, 2009 4:38 PM
Not sure how to even test this, so I'm asking...

I am using a function for database queries that executes the query but tracks all errors into a database with lots of extra information (customer request).

If I have this function (or further down the road, a class/object) in a file (let's call it 'clean_access.php'), is it possible for someone to 'use' this function?
  - for example, can someone 'pass' variables to it from outside the site/domain and have the function 'process' these variables?

Curiouser and curiouser,
David
