
PHPBuilder:
Pro PHP Security / Preventing SQL Injection, Part 2
November 09, 2006 @ 07:49:00

PHPBuilder is back with the second part of their excerpt from the book Pro PHP Security (Apress), looking at finding and preventing SQL injections in your applications.

The excerpt is broken out into topics including:

  • Kinds of Injection Attacks
  • Multiple-query Injection
  • INVISION POWER BOARD SQL INJECTION VULNERABILITY
  • Demarcate Every Value in Your Queries

They start off pretty basic (watch what you're directly including in your SQL statement) and move on to how attackers can end your SQL statement and push in their own, and more. The Invision vulnerability is a more real-world example of what can go wrong when filtering isn't done right. The tutorial is rounded off with some of the functions and methods you can use to check the input and filter out the bad from the good.


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework