Protection against SQL injection!!!

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
Joe
Forum Regular
Posts: 939
Joined: Sun Feb 29, 2004 1:26 pm
Location: UK - Glasgow

Protection against SQL injection!!!

Post by Joe »

Could someone please advise me on any good websites or tutorials on the best ways to protect against SQL injection. The reason being is due to an intruder using this type of attack within my site.


Regards


Joe 8)
User avatar
CoderGoblin
DevNet Resident
Posts: 1425
Joined: Tue Mar 16, 2004 10:03 am
Location: Aachen, Germany

Post by CoderGoblin »

Have to admit I have only glanced at some of these but a quick search provided the following

OWASP A Guide to Building Secure Web Applications http://umn.dl.sourceforge.net/sourcefor ... V1.1.1.pdf

Introduction to Database and Application Worms http://www.appsecinc.com/presentations/DB_APP_WORMS.pdf

Additional Information on SQL Injection Attacks
http://www.securityfocus.com/infocus/1644

http://www.nextgenss.com/papers/advance ... ection.pdf

http://www.spidynamics.com/whitepapers/ ... ection.pdf
User avatar
Joe
Forum Regular
Posts: 939
Joined: Sun Feb 29, 2004 1:26 pm
Location: UK - Glasgow

Post by Joe »

I have seen the securityfocus one a while back which was OK. I have not seen the rest though. I will look now.

Thanks a lot!

Regards

Joe 8)
User avatar
Joe
Forum Regular
Posts: 939
Joined: Sun Feb 29, 2004 1:26 pm
Location: UK - Glasgow

Post by Joe »

You picked a good one there man!. I recommend reading:

This Whitepaper

Its very interesting!

Regards


Joe
Post Reply