SQL injection
Posted: Mon May 12, 2008 5:29 am
I have little knowledge about sql injection.. all i know is that the hacker can type the query in the input boxes...so my plan is to trap the input that has INSERT, DELETE, SELECT (and other potential queries) on it..and other input that has semicolon and more than one apostrophe...
is my plan ok? or it seems ridiculous?
is my plan ok? or it seems ridiculous?