15 Nov
2007
15 Nov
'07
4:05 p.m.
1. You want to take a look at pseudo variable transformations and its
escape features.
http://www.openser.org/dokuwiki/doku.php/transformations:1.2.x
2. Try to avoid raw SQL queries.
regards
klaus
IƱaki Baz Castillo schrieb:
Hi, could somebody tell me which characteres are
allowd in a SIP URI? which
RFC defines it?
I ask it because I do a DB query with $ru so a SQL injection it's possible if
RURI contains single or double '
So at the begining of the script I'd like to reject a message if the RURI
contains illegal symbols.
Could be useful a core function for this?
Regards.