Good practices to avoid SQL injection attacks

CodeCharge Studio

Web Reporting

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

YesSoftware Forums -> Archive -> CodeChargeStudio.Discussion

Good practices to avoid SQL injection attacks

Author

Message

Doru Apostolescu

Posted: 12/10/2003, 10:02 AM

What are the main procedures to code an web application to avoid those nasty
and easy to do SQL injections attacks ?

Where the data validation should occur, at the aplication/form level, or at
the database level ?

What type of validation and attack detection can be implemented in
CodeCharge Studio?

What is your experience with this type of attack against your applications ?
--

Doru APOSTOLESCU
CNTA, CW2KA
TEHNOPLUS srl

DonB

Posted: 12/10/2003, 12:13 PM

Here's a good article I bookmarked awhile back.

http://www.devarticles.com/c/a/MySQL/SQL_Injection_Attacks_Are_You_Safe/

--
DonB

http://www.gotodon.com/ccbth

"Doru Apostolescu" <dfa.nospam@tehnoplus.com> wrote in message
news:br7n3n$4n4$1@news.codecharge.com...
> What are the main procedures to code an web application to avoid those
nasty
> and easy to do SQL injections attacks ?
>
> Where the data validation should occur, at the aplication/form level, or
at
> the database level ?
>
> What type of validation and attack detection can be implemented in
> CodeCharge Studio?
>
> What is your experience with this type of attack against your applications
?
> --
>
>
>
> Doru APOSTOLESCU
> CNTA, CW2KA
> TEHNOPLUS srl
>
>
>
>
>
>

These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

Web Database

Join thousands of Web developers who build Web applications with minimal coding.
CodeCharge.com

Home | Search | Members | Register | Login