View Full Version : SQL injecting
Decode
05-07-2008, 10:24 PM
How can it happen, i dont want my site to be hacked :P +rep if somone explains or gives me a link.
Dentafrice
05-07-2008, 10:27 PM
http://www.unixwiz.net/techtips/sql-injection.html
http://www.securiteam.com/securityreviews/5DP0N1P76E.html
Those are two great articles.
Decode
05-07-2008, 10:32 PM
Thanks :)
Decode
07-07-2008, 03:28 PM
K opening this again, ive made a function to remove bad characters from my string, I've got these on the list so far, is there any I've mised;
& - gets replaced with &
OR - with O<i></i>R
' - removed
" - "
> - <
< - $gt;
Would that be enough to stop injecting?
Agnostic Bear
07-07-2008, 05:02 PM
K opening this again, ive made a function to remove bad characters from my string, I've got these on the list so far, is there any I've mised;
& - gets replaced with &
OR - with O<i></i>R
' - removed
" - "
> - <
< - $gt;
Would that be enough to stop injecting?
htmlentities( $string, ENT_QUOTES ); will be fine. (as in, just that)
Want to hide these adverts? Register an account for free!
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.