Thread: Generating automatic emails
View Single Post
  #7 (permalink)  
Old Nov 27th, 2006, 12:21
DennisK DennisK is offline
Junior Member
Join Date: Nov 2006
Location: UK
Posts: 40
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy Re: Generating automatic emails
WOW....this very, very bad.

I just want to see if I have this right.

I have an sql database on my server.

Now, no one can access this database unless they have the password.

But what your saying is, if I make a request for some data, and instead of someone inputing, for example their email address, they could put in some special code which when returned to the database gets stored.

But these charcters are so special that when the database gets to them it crashes the sql interpreter in such a manner that it could crash through the database and delete all your data.

Is that correct???

DennisK
__________________
The one stop toy shop: www.toysofamerica.
Reply With Quote