[Rails] SQL Injection Attacks
Michael Koziarski
koziarski at gmail.com
Mon Dec 6 20:26:59 GMT 2004
> Sounds like a good idea. I'd certainly be willing to adopt a patch that
> provided a method for using real bind variables. Preferably, it would
> coexist with the current sprintf formatting for backwards compatibility
> while taking over any ? for the binds.
>
> Who's up for this?
I'm willing to have a go at this, though my code will probably be
filled with Java-isms.
Just so I'm not wasting anyone's time, is this the process I should follow:
1) Update my application to run with Edge Rails
2) Edit the code in vendor
3) svn diff -u
4) Attach to a trac ticket-thingy?
--
Cheers
Koz