Results 1 to 5 of 5

Thread: sql question??

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

February 4th, 2004, 01:16 PM #5
SirDice

View Profile

View Forum Posts

Visit Homepage
Just Another Geek

Join Date

Jul 2002

Location

Rotterdam, Netherlands

Posts

3,401
Originally posted here by sun7dots
Other thing is to filter all unwanted chars that can be input by the user.

You need to look up the characters you should be stripping out of your inputs to prevent this style of attack,{...}

This is actually the wrong way to do it as people tend to forget things or overlook stuff (the infamous "too many slashes syndrome" ).

You need to filter on the characters you want and drop everything else.

Oliver's Law:
Experience is something you don't get until just after you need it.
Reply With Quote

Quick Navigation Newbie Security Questions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: sql question??

Thread Tools

Display

Threaded View

Posting Permissions