WyseLabs Internet Marketing Forum :: Start Sharing

A Dedicated Room for Testing, Experimenting, Listing & Discussing Internet Marketing Innovation

This forum consists of only people that work for TechWyse and contribute to the WyseLabs community. We invite all of you to read many of the helpful things that we find in our daily lives! That is why we have built this section after all!
Register Now

SQL Injection

Programming for Search Engines 101. An area for avid PHP and .NET developers to chat about Programming techniques and how to make better use of search engines.

Moderator: Moderators

Post a reply

SQL Injection

Postby sreehari » Fri Jun 11, 2010 4:53 am

A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.
SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, Java EE and ASP.NET applications are less likely to have easily exploited SQL injections.
Common SQL injection attacks can see
sreehari
 
Top

Re: SQL Injection

Postby jay » Mon Jun 14, 2010 2:25 am

Thanks Sreehari for the tutorial post. It's very detailed with step by step examples on situations where sql injections happens and how to tackle it. A must read for programmers. !

Read more about it - http://www.learnphponline.com/security/ ... -mysql-php
Jay M
Write Less, Do More
jay
 
Posts: 475
Joined: Wed Nov 22, 2006 12:05 am
Location: Cochin, India.
Top
Post a reply

Return to Programming

Who is online

Users browsing this forum: No registered users and 3 guests

Powered by phpBB® Forum Software © phpBB Group
cron