Apostrophe in username

Dom Latter freeradius-users at latter.org
Fri Nov 2 12:45:39 CET 2018



On 02/11/2018 11:37, Alan DeKok wrote:
> On Nov 2, 2018, at 7:32 AM, Dom Latter <freeradius-users at latter.org>
> wrote:
>> 
>> I beg to differ - it mime-encodes.
> 
> It escapes things.  The method used is less important.

It's rather important if you are trying to look up a username
that contains an apostrophe!

> It would be *much* preferable to use the mysql_real_escape_string
> function.  That way all knowledge of what to escape is inside of the
> MySQL code, where it belongs.

I completely agree.  But it's a question of how much budget the
customer is prepared to throw at what is essentially a minor problem.


More information about the Freeradius-Users mailing list