Sanitize user input: Difference between revisions
Content added Content deleted
Puppydrum64 (talk | contribs) m (Adjusted formatting for clarity) |
(→{{header|Phix}}: clarified sqlite3_bind_text and added rm -rf not practical note) |
||
Line 18: | Line 18: | ||
=={{header|Phix}}== |
=={{header|Phix}}== |
||
As noted there is no magic "one size fits all" solution, and in the specific case of sql the use of sqlite3_prepare() and sqlite3_bind_text() is strongly recommended in preference to sqlite3_exec() or sqlite3_get_table(), at least for any questionable input. Using sqlite3_bind_text() there is no problem whatsoever with having a student named (say) "Robert'); DROP TABLE students;--". |
|||
As noted there is no magic "one size fits all" solution, and in the specific |
|||
case of sql the use of sqlite3_prepare() and sqlite3_bind_text() is strongly |
|||
Given some suspect [Phix] source code to be run, it is simply not practical to cover cases such as system(rot13(reverse("se- ze"))) or any of the other myriad ways in which harmful content could be disguised. In case you have not guessed, that would execute "rm -rf", assuming the code also contains a working rot13() implementation. |
|||
recommended in preference to sqlite3_exec() or sqlite3_get_table(), at |
|||
least for any questionable input. |
|||
Of course you could block all use, even legitimate, of things like system(), as covered by [[Safe_mode]] and [[Untrusted_environment]]. |
|||
The inverse problem recently arose in p2js, whereby otherwise perfectly |
The inverse problem recently arose in p2js, whereby otherwise perfectly |