User talk:Jeblad/Archive 1

Security risks in Extension:DataTable
You stated in Extension:DataTable that the extension does not sanitize the SQL code (which is correct) and that therefore arbitrary SQL statements can be injected. Could you kindly provide an example of injecting a statement? RV1971 08:24, 8 September 2009 (UTC)


 * SQL code injection should be pretty straightforward. Usually you end the present statement as a NOP, add one or several new statements, and include an additional statement to do the normal work of the SQL statement. Search on the net for other examples. Usually there are a few key indicators that can be used to dismiss dangerous strings. Jeblad 09:46, 13 September 2009 (UTC)

Issues with Extension:RandomnInclude
Hi, just wanted to bring your attention to: Issue 1 and Issue 2 that were recently added. No burning rush, just wanted to make sure it was on your radar. Thank you for this extension. --SomaticJourney 13:45, 3 March 2010 (UTC)