Reply to Re: doing math with html — HTML — IT news, forums, messages

Posted by Adrienne Boswell on 05/23/07 05:21

Gazing into my crystal ball I observed wayne <houhwx@yahoo.com> writing in
news:%zK4i.14082$j63.8233@newsread2.news.pas.earthlink.net:

> Pages have been defaced, deleted,
>> or a whole server has been crashed by some such hacker tricks.
>>
>
> As I understand PHP, the programmer must check each field for valid
> input characters. Wouldn't this keep hackers at bay?
>
>

Not necessarily. A determined hacker can get past server side checks, if
the check is not strong enough. A good example of that is SQL injection,
where the page is using dynamic SQL, and the developer is either not using
stored procedures, or is not testing for single quotes in input fields.

--
Adrienne Boswell at Home
Arbpen Web Site Design Services
http://www.cavalcade-of-coding.info
Please respond to the group so others can share

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация