Revision as of 16:09, 11 March 2008 by Tehmina
A few things need clarification:
- cookie - anything juicy? I can't remember what my problem was with this implicit object.
- <c:redirect> - splitting?
- <sql:query>, <sql:update> - injection? I couldn't get this to work.
- <sql:param> - if sql injection is possible then this would essentially work like prepared stmts right?