This is the revision history for sql injections in <matrix.org:#rAnyijhRxzFRfdjSHl:matrix.org>

| factoid_id | subject | copula | predicate | author | namespace |
|---|---|---|---|---|---|
| 8627 | sql injections | is | Avoid interpolating arbitrary text into SQL statements - see http://en.wikipedia.org/wiki/SQL_injection ; use placeholders, also see Text/Markup injection - http://shlomif-tech.livejournal.com/35301.html . | rindolf | <*:##NULL> |
| 8626 | sql injections | is | Avoid interpolating arbitrary text into SQL statements - see http://en.wikipedia.org/wiki/SQL_injection | rindolf | <*:##NULL> |
| 8577 | sql injections | is | use placeholders. always. | apeiron | <*:##NULL> |
| 8576 | sql injections | is | use placeholders. always. | apeiron | <*:##NULL> |
| 5741 | sql injections | is | http://en.wikipedia.org/wiki/SQL_injection - don't just do execute(".... WHERE username = '$username'") - use placeholders or if it fails - $dbh->quote() | perlbot | <*:##NULL> |