Re: Preventing SQL Injection attacks — MsSQL Server

You are here: Re: Preventing SQL Injection attacks « MsSQL Server « IT news, forums, messages

Posted by jennifer1970 on 03/02/06 21:09

Kevin Audleman wrote:
> My site has come under attack from sql injections. I thought I had
> things handled by replacing all single quotes with two single quotes,
> aka
>
> Replace(inputString, "'", "''")
>
> Alas, clever hackers have still managed to find a way to drop columns
> from some of my tables. Can anybody direct me towards a best practice
> document on preventing these attacks?
>
> Thank you thank you,
>
> Kevin

Navigation:

Next in forum: Re: Preventing SQL Injection attacks
Prev in forum: Preventing SQL Injection attacks
Thread view: Re: Preventing SQL Injection attacks

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация