Spotting the Sin Pattern

Previous page
Table of content
Next page

Any application that has the following pattern is at risk of SQL injection:

  • Takes user input

  • Does not check user input for validity

  • Uses user-input data to query a database

  • Uses string concatenation or string replacement to build the SQL query or uses the SQL exec command (or similar)


Previous page
Table of content
Next page
19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
ISBN: 71626751
EAN: 2147483647
Year: 2003
Pages: 239
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
SQL Hacks
Visual C# 2005 How to Program (2nd Edition)
GO! with Microsoft Office 2003 Brief (2nd Edition)
Comparing, Designing, and Deploying VPNs
DNS & BIND Cookbook
Java All-In-One Desk Reference For Dummies
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy