mapbox / osm-edit-report-deprecated

Report editing activity on OpenStreetMap
https://www.mapbox.com/osm-edit-report/
ISC License

Use parameterized queries #10

Closed ianshward closed 9 years ago

ianshward commented 9 years ago

To avoid any possibilities of SQL injection, parameterized queries should be used.

This should be used anywhere where you're using a variable in a query statement, for example:

Rub21 commented 9 years ago

@ianshward this task is done: https://github.com/mapbox/report-dt/blob/dev/load.js#L69-L70

https://github.com/mapbox/report-dt/blob/dev/load.js#L119-L123

https://github.com/mapbox/report-dt/blob/dev/server.js#L39-L41

And other lines where I use SQL code.

Rub21 commented 9 years ago

done, close here.
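
The change requested in this issue, as an added example that is not code from the repository or from either commenter: a string-built query next to a parameterized one. It assumes a driver that takes `$1`-style placeholders with a separate values array (the `{ text, values }` shape node-postgres accepts); the table `osm_edits`, its columns, and the function names are hypothetical.

```javascript
// Added example. Table and column names are hypothetical, not the project's schema.
const ALLOWED_COLUMNS = new Set(['osm_user', 'changeset_date', 'edit_count']);

// Before: the variable is concatenated into the SQL text, so a quote
// character in `user` changes the structure of the statement.
function concatenatedQuery(user) {
  return "SELECT osm_user, edit_count FROM osm_edits WHERE osm_user = '" + user + "'";
}

// After: the SQL text contains only placeholders; values are sent separately
// and are never parsed as SQL. Identifiers (column names) cannot be bound as
// parameters, so they are checked against an allow-list instead.
function buildQuery(filters, orderBy) {
  const clauses = [];
  const values = [];
  for (const [column, value] of Object.entries(filters)) {
    if (!ALLOWED_COLUMNS.has(column)) {
      throw new Error('unknown column: ' + column);
    }
    values.push(value);
    clauses.push(column + ' = $' + values.length);
  }
  if (orderBy !== undefined && !ALLOWED_COLUMNS.has(orderBy)) {
    throw new Error('unknown sort column: ' + orderBy);
  }
  let text = 'SELECT osm_user, edit_count FROM osm_edits';
  if (clauses.length > 0) text += ' WHERE ' + clauses.join(' AND ');
  if (orderBy !== undefined) text += ' ORDER BY ' + orderBy;
  return { text, values };
}

// Constructed input containing a quote, to show the difference.
const sample = "x' OR '1'='1";
const before = concatenatedQuery(sample);          // input is now part of the SQL text
const after = buildQuery({ osm_user: sample });    // input stays in `values`
console.log(before);
console.log(after.text, after.values);
// With node-postgres this object can be passed directly: client.query(after)
```

The statement text produced by `buildQuery` is identical for every input value, which is also what lets it be reviewed or logged without the data in it.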