Re: SQL Injection Queries in Perl/CGI

in reply to SQL Injection Queries in Perl/CGI

As hardburn pointed out, the code is fine. The query is parametrized, and therefore protected against (common) SQL injection. You can test if the statements are working by dumping the results of the query somewhere. Also, a 403 is returned by the web server. You can consult its logs to see what was passed.

Comment on Re: SQL Injection Queries in Perl/CGI

Replies are listed 'Best First'.
Re^2: SQL Injection Queries in Perl/CGI by Muskovitz (Scribe) on Dec 11, 2015 at 15:20 UTC
Thanks for replying... and yes hardburn when username/pasword is incorrect then there's an error message 'Username/Password is incorrect' yeah.. and i need to check my web server logs	[reply]

In Section Seekers of Perl Wisdom