15 Nov
2007
15 Nov
'07
3:05 p.m.
1. You want to take a look at pseudo variable transformations and its escape features. http://www.openser.org/dokuwiki/doku.php/transformations:1.2.x
2. Try to avoid raw SQL queries.
regards klaus
IƱaki Baz Castillo schrieb:
Hi, could somebody tell me which characteres are allowd in a SIP URI? which RFC defines it?
I ask it because I do a DB query with $ru so a SQL injection it's possible if RURI contains single or double '
So at the begining of the script I'd like to reject a message if the RURI contains illegal symbols.
Could be useful a core function for this?
Regards.