Django Book Translation
Original:
This vulnerability most commonly crops up when constructing SQL by hand from user input. For example, imagine writing a function to gather a list of contact information from a contact search page. To prevent spammers from reading every single email in our system, we'll force the user to type in someone's username before providing her email address:
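Translation:
This danger usually arises when SQL statements are constructed from user input. For example, suppose we want to write a function that collects a series of contact information from an address book search page. To prevent spammers from reading the emails in the system, we will force the user to enter a username before providing the email address.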
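The contact lookup described above, as an added example that is not code from the Django Book: the hand-built query beside a parameterized one, using Python's `sqlite3` module. The table, column and function names and the sample rows are assumptions constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory contacts table (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user_contacts (username TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO user_contacts VALUES (?, ?)",
        [
            ("alice", "alice@example.com"),
            ("bob", "bob@example.com"),
            ("o'brien", "obrien@example.com"),
        ],
    )
    return db


def lookup_unsafe(db, username):
    """Hand-built SQL: the input becomes part of the statement text."""
    sql = "SELECT email FROM user_contacts WHERE username = '%s'" % username
    return [row[0] for row in db.execute(sql)]


def lookup_safe(db, username):
    """Parameterized SQL: the driver binds the input as a value only."""
    sql = "SELECT email FROM user_contacts WHERE username = ?"
    return [row[0] for row in db.execute(sql, (username,))]


if __name__ == "__main__":
    db = make_db()
    crafted = "' OR 'a'='a"  # constructed input that closes the quoted literal

    # The WHERE clause is rewritten, so the username requirement is bypassed.
    print("unsafe, crafted input:", lookup_unsafe(db, crafted))
    # Bound as data, the same input matches no username.
    print("safe, crafted input:  ", lookup_safe(db, crafted))

    # A legitimate name containing a quote breaks the hand-built query.
    try:
        lookup_unsafe(db, "o'brien")
    except sqlite3.OperationalError as exc:
        print("unsafe, o'brien:      ", "OperationalError:", exc)
    print("safe, o'brien:        ", lookup_safe(db, "o'brien"))
```

In Django itself the same separation is what the ORM's query methods and `cursor.execute(sql, params)` provide: the statement text stays fixed and the username travels as a bound parameter.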