Hi all,
I'm working on the zabbix code and I need to add a SQL-query. I tried to use DBdyn_escape_string() to escape the SQL string, but it doesn't avoid my SQL injection at all (mysql).
Is this function supposed to do something different with a bad chosen function name?
If so, is there a funcion in zabbix, which escapes an SQL query for all db systems?
I'm pretty confused right now, seems to be a trivial mistake of mine
I'm working on the zabbix code and I need to add a SQL-query. I tried to use DBdyn_escape_string() to escape the SQL string, but it doesn't avoid my SQL injection at all (mysql).
Is this function supposed to do something different with a bad chosen function name?
If so, is there a funcion in zabbix, which escapes an SQL query for all db systems?
I'm pretty confused right now, seems to be a trivial mistake of mine