[Phpmyadmin-devel] Re: phpMyAdmin 'sql_query' Cross-Site Scripting and SQL Code Execution

19 Apr 2006


      On Thu, 20 Apr 2006 11:23:34 +0200 (CEST)
"Garvin Hicking" <phpmyadmin@supergarv.de> wrote:
...
Ah, I overread that. Yes, escaping SQL when displaying it would be wise.
This is already done and works fine.

-- 
	Michal Čihař | http://cihar.com