Why you should not accept data from users into a DB without checking it.
Exhibit A: "select manufacturer"
<OPTION value="FUJITSO">FUJITSO</OPTION>
<OPTION value="FUJITSU">FUJITSU</OPTION>
<OPTION value="FUJITSU SIEMENS">FUJITSU SIEMENS</OPTION>
<OPTION value="FUJITSU-SIEMEN">FUJITSU-SIEMEN</OPTION>
<OPTION value="FUJITSU-SIEMENES">FUJITSU-SIEMENES</OPTION>
<OPTION value="FUJITSU-SIEMENS">FUJITSU-SIEMENS</OPTION>
No comments:
Post a Comment