As I am working on a new project I decided it was time to write a new function to protect myself from SQL injection attacks. I wanted to do it right so I headed onto the net to find some advice and tutorials on how to do, which ways are best effective, methods to use and so forth. Anyway one of the results I came accross is from the PHP manual (at least I think).
The worrying thing though is that I am half way down and all that has been on the page so far are ways in which SQL injection attacks can happen on a side with full code reference and methods on how to do it! Lol, the problem with anything open source that is available to the public is that if you publish a bug fix, others will exploit sites that don’t yet have the bug fix.
Take a flick through the article at http://php.us.themoes.org/manual/en/security.database.sql-injection.php. I am sure there will be a fix at the bottom, but it is still worrying considering the amount of people who don’t secure themselves against SQL injections. Dreamweaver does pretty much nothing at least for ASP and JSP pages if memory serves.
Don't have time to check my blog? Get a weekly email with all the new posts. This is my personal blog, so obviously it is 100% spam free.
This entry was posted on Monday, August 30th, 2004 at 6:04 am and is filed under Life. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.