Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #48557

Re: Updating a filename's counter value failed each time

From Νίκος <support@superhost.gr>
Newsgroups comp.lang.python
Subject Re: Updating a filename's counter value failed each time
Date 2013-06-17 22:30 +0300
Organization GRNET - Greek Research and Technology Network
Message-ID <kpno5h$std$2@news.grnet.gr> (permalink)
References <kpne3k$1066$1@news.ntua.gr> <b290qpFm23aU1@mid.uni-berlin.de> <kpnj6o$av7$4@news.grnet.gr> <D5Jvt.58070$hJ.17171@fx19.am4>

Show all headers | View raw

On 17/6/2013 10:05 μμ, Alister wrote:
> You are correct Nicos, passing the values as a parameter list does
> protect you from SQL injection JT has made an error.

Even if the query is somehting like:

http://superhost.gr/cgi-bin/files.py?filename="Select....."

 From what exactly the comma protects me for?

What id=f the user passes data to filename variable throgh url?
Will comma understand that?
How can it tell form a normal filename opposes to a select statemnt 
acting as a filename value?



-- 
What is now proved was at first only imagined!

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Updating a filename's counter value failed each time Simpleton <support@superhost.gr> - 2013-06-17 19:39 +0300
  Re: Updating a filename's counter value failed each time MRAB <python@mrabarnett.plus.com> - 2013-06-17 18:40 +0100
    Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-17 20:51 +0300
  Re: Updating a filename's counter value failed each time John Gordon <gordon@panix.com> - 2013-06-17 17:40 +0000
  Re: Updating a filename's counter value failed each time jt@toerring.de (Jens Thoms Toerring) - 2013-06-17 17:54 +0000
    Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-17 21:06 +0300
      Re: Updating a filename's counter value failed each time jt@toerring.de (Jens Thoms Toerring) - 2013-06-17 18:32 +0000
        Re: Updating a filename's counter value failed each time MRAB <python@mrabarnett.plus.com> - 2013-06-17 19:47 +0100
          Re: Updating a filename's counter value failed each time jt@toerring.de (Jens Thoms Toerring) - 2013-06-17 19:16 +0000
            Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 20:33 +0000
      Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 19:05 +0000
        Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-17 22:30 +0300
          Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 20:26 +0000
            Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 20:43 +0000
    Re: Updating a filename's counter value failed each time Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-06-17 19:30 -0400
      Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-18 03:25 +0300
  Re: Updating a filename's counter value failed each time John Gordon <gordon@panix.com> - 2013-06-17 19:19 +0000
    Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-17 22:28 +0300
      Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 20:39 +0000
        Re: Updating a filename's counter value failed each time John Gordon <gordon@panix.com> - 2013-06-17 20:44 +0000
          Re: Updating a filename's counter value failed each time Alister <alister.ware@ntlworld.com> - 2013-06-17 20:49 +0000
          Re: Updating a filename's counter value failed each time MRAB <python@mrabarnett.plus.com> - 2013-06-17 23:22 +0100
            Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-18 02:11 +0300
              Re: Updating a filename's counter value failed each time Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-06-17 21:42 -0400
                Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-18 08:49 +0300
                Re: Updating a filename's counter value failed each time Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-06-18 19:56 -0400
              Re: Updating a filename's counter value failed each time Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-06-17 22:01 -0400
  Re: Updating a filename's counter value failed each time Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-06-17 23:18 +0000
  Re: Updating a filename's counter value failed each time Νίκος <support@superhost.gr> - 2013-06-18 03:22 +0300

csiph-web