[ic] turn off error logging for specific MySQL query (Form Security)

Paul Jordan interchange-users@icdevgroup.org
Sat Dec 14 12:29:00 2002


> > [tag flag write]mb_boxlist[/tag]
> >    [query table="mb_boxlist" sql=|
> >         INSERT     mb_boxlist
> >            SET     username = '[data session username]',
> >                    boxname = '[cgi n_name]',
> >                    password = '[cgi n_pass]',
> >                    description = '[cgi n_desc]'
> >       |][/query]
> > --------------------------------------------------------
>
>     If that is on your end-user side make sure you use a filter to sanitize
> that data before using it to build a query.
>
> Jeff

Thanks Jeff

I am glad you brought this up because I have been wanting to audit my
site for some time. Does this seem satisfactory (in example)?

    [cgi name=n_name filter="textarea_put entities"]

I also set my inputs to the bare minimum maxlength. The ones in the
above are all < 20.

Thanks in advance

Paul
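
An added example, not part of the original thread and not Interchange code: the same four-column insert into `mb_boxlist` with the form values bound as query parameters and the length limit enforced on the server. It assumes Python's `sqlite3` as a stand-in for MySQL; the function names, the 20-character limit constant and the sample form values are constructed for illustration.

```python
import sqlite3

MAX_LEN = 20  # assumed server-side limit, matching the "< 20" maxlength in the thread

def make_db():
    db = sqlite3.connect(":memory:")  # in-memory stand-in for the MySQL table
    db.execute(
        "CREATE TABLE mb_boxlist ("
        "username TEXT, boxname TEXT, password TEXT, description TEXT)"
    )
    return db

def validate(field, value):
    """Server-side check; an HTML maxlength is only enforced by the browser."""
    if not isinstance(value, str) or not value.strip():
        raise ValueError(f"{field}: empty")
    if len(value) > MAX_LEN:
        raise ValueError(f"{field}: longer than {MAX_LEN} characters")
    return value

def insert_box(db, username, form):
    """Insert one row; form values are bound as parameters, never spliced into SQL."""
    row = (
        username,
        validate("n_name", form.get("n_name")),
        validate("n_pass", form.get("n_pass")),
        validate("n_desc", form.get("n_desc")),
    )
    with db:  # commits on success, rolls back on error
        db.execute(
            "INSERT INTO mb_boxlist (username, boxname, password, description) "
            "VALUES (?, ?, ?, ?)",
            row,
        )
    return row

def demo():
    db = make_db()
    # Constructed form input: the quotes would end a '...' literal if interpolated.
    form = {"n_name": "Paul's box", "n_pass": "s3cret", "n_desc": "it's a 'test'"}
    insert_box(db, "paul", form)
    stored = db.execute("SELECT boxname, description FROM mb_boxlist").fetchall()
    try:
        # A request sent without the browser ignores maxlength entirely.
        insert_box(db, "paul", dict(form, n_desc="x" * 200))
        rejected = False
    except ValueError:
        rejected = True
    count = db.execute("SELECT COUNT(*) FROM mb_boxlist").fetchone()[0]
    return stored, rejected, count

if __name__ == "__main__":
    print(demo())
```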