Results 1 to 2 of 2

Thread: SQL Injection

  1. #1
    Join Date
    Jan 2006

    Unanswered: SQL Injection

    Does anyone have any insight regarding SQL injection involving a table name t_jiaozhu? Is this a new hack script or old? I am having a hard time finding any clear details other than ways to stop injection from happening. This I know, what I am trying to figure out is what damaged may have been caused (worse case) and what would be a good plan of attack to figure out what steps suceeded/failed.

  2. #2
    Join Date
    Jan 2003
    Provided Answers: 11
    A google search should show that SQL Injections is at least as old as ASP. The ways to stop SQL Injection attacks are:
    1) check your inputs
    2) use stored procedures, instead of dynamic SQL
    3) check your inputs
    4) use command objects with parameters, instead of just
    5) check your inputs

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts