{Carrer web log}


Blog about web design & development

What is SQL Injection? Learn more about Sql injection and prevention techniques with ASP, ASP.NET, PHP, ColdFusion

Wednesday, June 21, 2006 { 1 Comments }

“SQL Injection is a technique which enables an attacker to execute unauthorized SQL commands by taking advantage of unsanitized input opportunities in Web applications building dynamic SQL queries.” –Wikipedia

There are some useful links that will help you to learn more about Sql injection:


General links:

http://en.wikipedia.org/wiki/SQL_Injection

http://en.wikipedia.org/wiki/Sql_injection

http://www.unixwiz.net/techtips/sql-injection.html

http://www.imperva.com/application_defense_center/white_papers


PDF Articles:
http://www.spidynamics.com/

http://www.ngssoftware.com/

http://www.appsecinc.com



PHP
http://en.wikibooks.org/wiki/Programming:PHP:SQL_Injection

http://shiflett.org/articles/security-corner-apr2004

http://dev.mysql.com/




ASP
http://www.4guysfromrolla.com/webtech/061902-1.shtml

http://www.sitepoint.com/article/sql-injection-attacks-safe

http://msdn.microsoft.com/

http://www.nextgenss.com/



ASP.NET
http://msdn.microsoft.com/

http://www.developer.com


Cold Fusion
http://www.forta.com

http://www.adobe.com

1 Responses to “What is SQL Injection? Learn more about Sql injection and prevention techniques with ASP, ASP.NET, PHP, ColdFusion”

  1. // Blogger Jeffrey // 5/03/2007

    Regarding .NET and SQL, see:

    http://weblogs.sqlteam.com/jeffs/archive/2006/07/21/10728.aspx

    the key is, you don't have to do ANYTHING to avoid SQL Injection if you simply use best practices and use parameters.  

Post a Comment

<< Home

RSS IconTwitter icon Twitter icon Twitter icon

About Me <<<

Name: Vladimir Carrer
vladocar [at] gmail.com
Location: Verona, Italy
I'm a web designer, developer, teacher, speaker, generally web addicted ...

My projects <<<

§§Previous Posts <<<

Hand Drawn Icons
Photoshop Wireframing Kit Ad
 

Other Profiles <<<

View Vladimir Carrer's profile on LinkedIn

Content is licensed under a Creative Commons Public Domain License