|
-
Jan 15th, 2014, 03:34 AM
#5
Re: VB6 to PHP/MySQL Interface
The other concern I see is that the PHP blindly accepts SQL text and applies it to your database. This is almost as bad as just allowing direct database connections.
What if somebody sends queries to delete everything?
You should really create a query protocol to send requests that your script can validate for legal actions and then create its own SQL to carry out acceptable actions.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|