by sim0n 5124 days ago
This is the same with PHP. Be aware anyone using something like MongoDB, if you don't sanitize/cast your inputs, your app could be vulnerable.

e.g. if you have the code:

  $collection->findOne( array( 'username' => $_POST['username'], 'password' => $_POST['password'] ) );
someone could POST something like username[$ne]='?'&password[$ne]='?' and log in.
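
An added example, not part of the original comment: it shows how PHP turns the bracketed POST fields above into arrays that become query operators, and a type check that rejects them before the filter is built. The helper names `stringField` and `buildLoginFilter` and the sample request bodies are constructed for illustration; the filter keeps the shape of the `findOne()` call in the comment.

```php
<?php
declare(strict_types=1);

// Constructed sample request bodies (not from the original comment).
$normalBody   = 'username=alice&password=s3cret';
$operatorBody = 'username[$ne]=?&password[$ne]=?';

/**
 * Hypothetical helper: return the field as a string, or null when it is
 * missing or not a plain string (PHP parses "field[$ne]=x" into an array).
 */
function stringField(array $input, string $name): ?string
{
    $value = $input[$name] ?? null;
    return is_string($value) ? $value : null;
}

/** Build the findOne() filter, or return null when the input must be rejected. */
function buildLoginFilter(array $post): ?array
{
    $username = stringField($post, 'username');
    $password = stringField($post, 'password');
    if ($username === null || $password === null) {
        return null; // reject: operator arrays never reach the query
    }
    return ['username' => $username, 'password' => $password];
}

foreach ([$normalBody, $operatorBody] as $body) {
    // parse_str() applies the same bracket-to-array rules PHP uses for $_POST.
    parse_str($body, $post);
    echo "body: $body\n";

    // What the unchecked code from the comment would hand to findOne().
    $unchecked = ['username' => $post['username'], 'password' => $post['password']];
    echo "  unchecked filter: ", json_encode($unchecked), "\n";

    // What the type-checked path produces for the same input.
    $filter = buildLoginFilter($post);
    echo "  checked filter:   ", $filter === null ? 'rejected' : json_encode($filter), "\n";
}
```

The check uses `is_string()` rather than a `(string)` cast because casting an array yields the literal string "Array" with a warning instead of a clean rejection.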