[sword-devel] diatheke security
mail at operis.org
Wed Feb 7 01:40:00 MST 2007
I try to make online Bible script using diatheke. I got problem- security.
Users can put everything in a search box on the web page, e.g.:
If I run such the command:
diatheke -b KJV -s phrase -k Jesus; ls /etc
I will get list of /etc directory.
I could check user input for characters other than letters a - z, but
users can enter Greek text or Hebrew.
Is here any "safe" way of using diatheke?
More information about the sword-devel