Jump to content

  • Log In with Google      Sign In   
  • Create Account

#ActualNypyren

Posted 19 February 2013 - 10:58 PM

If you don't have a server, then it doesn't matter.  The security risk is when you have a client, a server, and allow the client to send arbitrary SQL commands to the server.  A malicious user notices this and then decides to just send whatever SQL command he wants, such as "select * from creditcards" (or whatever - you get the idea).

 

If you only have a client, and no server, the malicious user already has access to everything he could want, so whether you use SQL or not won't matter in that regard.


#1Nypyren

Posted 19 February 2013 - 10:55 PM

If you don't have a server, then it doesn't matter.  The security risk is when you have a client, a server, and allow the client to send arbitrary SQL commands to the server.  A malicious user notices this and then decides to just send whatever SQL command he wants, such as "select * from creditcards" (or whatever - you get the idea).


PARTNERS