-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Platform: All, OS: All
There is no validation that the database table and user field specified are actually good. When you try to
send them to a prepared statement, it quotes them. Any ideas on how to do a better job for this?
Seems like a gaping hole.