Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developersí questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old October 20th, 2004, 10:34 PM
Authorized User
 
Join Date: Apr 2004
Location: , , .
Posts: 88
Thanks: 0
Thanked 0 Times in 0 Posts
Default What SQL Injection is ?

Does anyone explain clearly What SQl Injection is ? And show me some Example in ASP,PHP ... And How to avoid them ?
I think it is very usefull for us

Reply With Quote
  #2 (permalink)  
Old October 20th, 2004, 10:53 PM
Friend of Wrox
Points: 2,376, Level: 20
Points: 2,376, Level: 20 Points: 2,376, Level: 20 Points: 2,376, Level: 20
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: , , Australia.
Posts: 596
Thanks: 1
Thanked 3 Times in 3 Posts
Default

There are many resources for this on hte net, do a google search for SQL Injection Attack.
Here is one link but there are hundreds.
http://www.sitepoint.com/article/sql...n-attacks-safe

======================================
They say, best men are molded out of faults,
And, for the most, become much more the better
For being a little bad.
======================================
Reply With Quote
  #3 (permalink)  
Old October 20th, 2004, 11:11 PM
Friend of Wrox
Points: 6,664, Level: 34
Points: 6,664, Level: 34 Points: 6,664, Level: 34 Points: 6,664, Level: 34
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2004
Location: Sydney, NSW, Australia.
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

If someone wants to get you and they are good enough, simply, eventualy they will.

I believe the single most important factor is the account you use for connecting to the data store and what its privellages are. Never ever use the sa account in your sql server connection sting. As i'm sure your'e aware, that account has the 'mic daddy' access rights - a trouble making injectors dream

Any how, as rodmcleay has said there is a zillion web pages on it

Wind is your friend
Matt
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
sql injection trufla Classic ASP Basics 2 June 16th, 2008 03:54 PM
SQl Injection through ASP and MS SQl 2000 cancer10 Classic ASP Databases 1 October 27th, 2007 04:21 AM
SQL Injection cygnusx04 Classic ASP Databases 1 November 6th, 2004 11:06 AM
Script Injection in Sql Server farhan_iac Classic ASP Professional 6 August 20th, 2004 04:41 AM
Security: Preventing SQL Injection taliesin Classic ASP Professional 2 July 4th, 2003 03:43 AM



All times are GMT -4. The time now is 04:32 AM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.