|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re[2]: Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!)
From: Benjamin Schulz (lists
hnc.cc)
Date: Wed May 14 2003 - 07:57:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Rynho,
> if(!isset($cid) || $cid == NULL || $cid == "" || !is_numeric ($cid))
> {
> echo "I don't like you >:|";
> exit();
> }
you know that $cid == NULL equals $cid == ""? (int)0, too btw.
either check $cid == '' (what is 0 & NULL, too)
or $cid === NULL || $cid === '',
or empty($cid)
Mit freundlichen Gruessen / Kind regards
--
Benjamin Schulz
There are 10 types of people: those who understand binary and
those who don't.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]