Hi folks,
Can someone point me to some good information/how-to-guide/etc for sanitizing files uploaded to a MySQL database through a web interface? (This would be something much like the "Insert data from a textfile into table" function in phpMyAdmin.) I want to make sure there aren't any nasty queries inserted into the tab-delimited data.
I.e., don't let this happen to you: http://xkcd.com/327/
Is this whole-file sanitization any different than the sort of thing you might use for individual pieces of data? E.g.
http://www.denhamcoote.com/php-howto-sanitize-database-inputs
Any advice would be appreciated.
Thanks!
Ken
|