New Topic/Question
Reply
I just have a quick question...what is the best way to defend against or prevent SQL Injections??
10 Replies - 2248 Views - Last Post: 07 November 2012 - 07:12 PM
MultiQuoteReplies To: Question: What is the best way to prevent SQL Injections!?
#2
jon.kiparsky
- Pancakes!
-
Reputation: 5604
- Posts: 9,046
- Joined: 19-March 11
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 June 2012 - 08:04 AM
Take your SQL in pill form.
/rimshot
/rimshot
Was This Post Helpful?
4
#3
macosxnerd101
- Self-Trained Economist
-
Reputation: 9159
- Posts: 33,979
- Joined: 27-December 08
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 June 2012 - 02:17 PM
You can use Prepared Statements.
Was This Post Helpful?
4
#4
e_i_pi
- = -1
-
Reputation: 751
- Posts: 1,537
- Joined: 30-January 09
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 June 2012 - 04:10 PM
POPULAR
Lol, +1
Here's some tutorials on DIC by Dormilich that sugar-coat the experience for you. As much as Dormilich sugar-coats things anyhow:
Introduction to PDO
Be prepared for your database
Here's some tutorials on DIC by Dormilich that sugar-coat the experience for you. As much as Dormilich sugar-coats things anyhow:
Introduction to PDO
Be prepared for your database
Was This Post Helpful?
5
#5
evaaggy
- New D.I.C Head
Reputation: 1
- Posts: 4
- Joined: 12-June 12
Re: Question: What is the best way to prevent SQL Injections!?
Posted 12 June 2012 - 06:52 AM
If you are using asp.net then look at this tutorial. It gives the best practice to prevent sql injection
SqlClient
SqlClient
Was This Post Helpful?
0
#6
jammmie999
- D.I.C Head
Reputation: 3
- Posts: 116
- Joined: 01-April 09
Re: Question: What is the best way to prevent SQL Injections!?
Posted 12 June 2012 - 12:27 PM
...by vigorously validating your database inputs.
Was This Post Helpful?
1
#7
BobRodes
- Your Friendly Local Curmudgeon
-
Reputation: 562
- Posts: 2,935
- Joined: 19-May 09
Re: Question: What is the best way to prevent SQL Injections!?
Posted 13 June 2012 - 08:30 AM
The best single specific is to use stored procedures, and accept user input as parameters, rather than plugging user input into strings of sql instructions and passing them to your database. And then "vigorously validate your database inputs" from there.
Was This Post Helpful?
1
#8
BarNunBoi
- D.I.C Head
Reputation: 5
- Posts: 210
- Joined: 28-March 12
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 November 2012 - 03:01 PM
What is the best way to prevent SQL Injections for CakePHP's upload button. Please post some links to some reference material. Thanks!
This post has been edited by BarNunBoi: 06 November 2012 - 03:01 PM
Was This Post Helpful?
0
#9
JackOfAllTrades
- Saucy!
-
Reputation: 5723
- Posts: 22,636
- Joined: 23-August 08
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 November 2012 - 03:29 PM
CakePHP's "upload button"? What is that? Link please.
Was This Post Helpful?
0
#10
BarNunBoi
- D.I.C Head
Reputation: 5
- Posts: 210
- Joined: 28-March 12
Re: Question: What is the best way to prevent SQL Injections!?
Posted 06 November 2012 - 09:37 PM
Excuse me.....how do prevent injections from the form? I have a form that's allows users to upload data from a spreadsheet and I don't want to be vulnerable to attacks.
Was This Post Helpful?
0
#11
laytonsdad
- D.I.C Regular
Reputation: 84
- Posts: 462
- Joined: 30-April 10
Re: Question: What is the best way to prevent SQL Injections!?
Posted 07 November 2012 - 07:12 PM
http://api.cakephp.org/class/mysql
I believe cake PHP uses PDO
I may be wrong but that is what I have read.
I believe cake PHP uses PDO
I may be wrong but that is what I have read.
Was This Post Helpful?
1
Page 1 of 1
|
|
| 