Michael Howard (and David LeBlanc) has a nice section in
"Writing Secure Code" about encoding characters. In some
cases using char(0x27) as well as using entire words
encoded via 0xXXXXXXXXXX can be used. Watching for "'" is
not enough.
I think Michael is on this list. Any words, Michael?
On Thu,...
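The point made in the post above, as an added example that is not part of the original message: a filter that only looks for "'" passes input that builds its string with an encoding function, while a bound parameter keeps that input as data. The table, the function names and the sample input are constructed for illustration, and SQLite's char() with decimal code points stands in for the char(0x27) and 0x... forms the post names.

```python
import sqlite3

def make_db():
    # Constructed sample data, in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "admin")])
    return db

def quote_filter_ok(value):
    # The check the post calls insufficient: look for the quote character only.
    return "'" not in value

def lookup_concat(db, user_id):
    # Weak form: filter on "'", then paste the input into the SQL text.
    if not quote_filter_ok(user_id):
        raise ValueError("input rejected by quote filter")
    sql = "SELECT name FROM users WHERE id = " + user_id
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, user_id):
    # Corrected form: the input is bound as a value and never parsed as SQL.
    sql = "SELECT name FROM users WHERE id = ?"
    return [row[0] for row in db.execute(sql, (user_id,))]

# Constructed input: contains no quote; the word is spelled with char().
ENCODED = "0 OR name = char(97,100,109,105,110)"

if __name__ == "__main__":
    db = make_db()
    print("filter passes encoded input:", quote_filter_ok(ENCODED))
    print("concatenated query returns: ", lookup_concat(db, ENCODED))
    print("parameterized query returns:", lookup_param(db, ENCODED))
    print("parameterized, normal input:", lookup_param(db, "1"))
```
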