Quote:
Originally Posted by halfpint
trouble is its the users that are using ' and not " when they are typing things like mod's
|
Like woj said, those users can do more than just cause an error, a few cleverly placed 's from malicious users and you can kiss your data goodbye. I wrote this a few weeks ago:
http://www.embracer.com/2009/databas...sql-injections