Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
elchief
on April 4, 2012
|
parent
|
context
|
favorite
| on:
SQL Injection through HTTP Headers
Agreed, but even some ORMs (like Yii's ActiveRecord) don't validate the field name in the WHERE part in certain functions.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
