On Mon, Oct 16, 2006 at 04:36:56PM -0500, Peter Karman wrote:
> Bill Moseley scribbled on 10/16/06 4:27 PM:
> >On Mon, Oct 16, 2006 at 02:11:11PM -0700, Peter Karman wrote:
> >>>Looks like the new stringQuote() function in 2.4.4 could be causing the
> >I'm never a fan of quoting. FileFilter should fork/exec on non-windows
> >platforms, I think.
> it does get into a spiraling insanity when trying to escape the right chars
> on the right platforms.
The rule is to allow known good chars -- don't try and guess the bad
> perhaps we should remove stringQuote() altogether?
And replace it with fork.
FileFilter is ok for running binaries, but I hope people are not using
it to run, say, Perl.
I've been looking over a lot of PHP lately and I keep running into
regexps trying to remove "bad" characters. Doesn't PHP have bind
variables for the database? I keep finding sql injection potentials,
> Peter Karman . http://peknet.com/ . peter(at)not-real.peknet.com
Unsubscribe from or help with the swish-e list:
Help with Swish-e:
Received on Mon Oct 16 14:44:40 2006