SQL Escape Chars
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Wed Feb 13 17:44:13 CET 2008
Hi,
Am I right in thinking that most alpha numeric characters are escaped
before being inserted into SQL databases, and that the resultant string
is =<Ascii value as hex> ?
For example, the Reply-Message 'HP Networking equipment makes me sad,
angry and staby.' would be entered as 'HP Networking equipment makes me
sad=2C angry and staby.'
Or is it just sensitive SQL chars that are written in this form ? Is
this going to change at some point in the future, or can I safely start
replacing these with HTML special when displaying FreeRADIUS'd
attributes ...
--
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk)
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
More information about the Freeradius-Users
mailing list