Posted by Good Man on 04/13/06 23:35
"lawrence k" <lkrubner@geocities.com> wrote in
news:1144909681.379717.249460@t31g2000cwb.googlegroups.com:
> The function that returns this checks the query to see if it contains
> the words ALTER, DROP, EMPTY, GRANT, UPDATE, INSERT, and a bunch of
> others. It calls die() if it sees any of those words.
>
> For obvious reasons, I'm trepidatious about exposing the database to
> this degree. What are some of the obvious, and not so obvious, attacks
> that I should expect and defend against?

a question i have as an outsider is, why are you doing this in the first
place?

as mentioned in another post, how would you possibly guard against a DOS
attack?

fundamentally poor design.