1. Home
2. Questions
3. AI Assist Labs
4. Tags
6. Challenges
7. Chat
8. Articles
9. Users
11. Jobs
12. Companies
13. Collectives
14. Communities for your favorite technologies. Explore all Collectives
Stack Internal

Stack Overflow for Teams is now called Stack Internal. Bring the best of human thought and AI automation together at your work.
Try for free Learn more
Stack Internal
Bring the best of human thought and AI automation together at your work. Learn more

Timeline for SQL Injection via input from escaped database entry possible?

6 events

when toggle format	what		by	license	comment
May 22, 2013 at 12:36	vote	accept	Sapd
May 15, 2013 at 16:59	comment	added	tadman		Escape any and all parameters for your query. There is no room for assumptions here. The cost of missing even a single injection bug can be enormous.
May 15, 2013 at 16:29	answer	added	user399666		timeline score: 2
May 15, 2013 at 16:29	answer	added	Explosion Pills		timeline score: 2
May 15, 2013 at 16:28	comment	added	Orangepill		Yes this is as subject to injection as much as when the user originally posted it. There is an argument for always sanitizing variables even if it comes from what you believe to be a trusted source
May 15, 2013 at 16:22	history	asked	Sapd	CC BY-SA 3.0