2 Replies - 425 Views - Last Post: 14 August 2012 - 02:11 PM

#1 Bender662  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 36
  • Joined: 04-July 11

Website SQLi problem

Posted 14 August 2012 - 04:21 AM

What can i do to make my website SQLi proof?I don't know that much about php,htmal or other language but i am eager to learn.
{view_realms}
<div style="margin-left:5px;">{realm_world} - <a href="?page=realm&id={view_realms.id}">{view_realms.name} | {view_realms.type}</a></div>
<div class="realm-1">
<div class="realm-2"></div>
<div style="width:{total_number}%; background:#1b1b1b; height:3px; border:1px solid #323232; border-right:1px solid black; float:left;"></div></div>
{/view_realms}


This is the part that is giving me problem.how ca i modify this so that may ID is not shown on the link?

This post has been edited by Bender662: 14 August 2012 - 04:22 AM


Is This A Good Question/Topic? 0
  • +

Replies To: Website SQLi problem

#2 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3730
  • View blog
  • Posts: 6,017
  • Joined: 08-June 10

Re: Website SQLi problem

Posted 14 August 2012 - 05:05 AM

When you say "SQLi", what exactly do you mean by that? SQL Injection?

Why do you not want to show the ID in the URL? What problem is it causing, exactly?
Was This Post Helpful? 0
  • +
  • -

#3 Glorfindal  Icon User is offline

  • Java Enthusiast
  • member icon

Reputation: 30
  • View blog
  • Posts: 560
  • Joined: 31-December 08

Re: Website SQLi problem

Posted 14 August 2012 - 02:11 PM

Okay if you mean SQL injection proof then you shouldn't be worried about having the ID in the URL. That is usually necessary in many web applications. What you need to do is take the value of the ID and sanitize it before it used in a query to the database. I don't know exactly what language you are using from that code snippet. But there are plently of tutorials on sanitization from SQL injection. If you are using php this could help you:

http://stackoverflow...a-in-get-by-php
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1