Home arrow MySQL arrow SQL Injection Attacks: Are You Safe?
MYSQL

SQL Injection Attacks: Are You Safe?


Is your database safe from SQL injection attacks? In this article Mitchell tells us exactly what they are and shows us how to prevent them from occuring.

Author Info:
By: Mitchell Harper
Rating: 5 stars5 stars5 stars5 stars5 stars / 58
May 29, 2002
TABLE OF CONTENTS:
  1. · SQL Injection Attacks: Are You Safe?
  2. · What is an SQL injection attack?
  3. · Injection attack examples
  4. · Preventing SQL injection attacks
  5. · Conclusion

print this article
SEARCH DEVARTICLES

SQL Injection Attacks: Are You Safe?
(Page 1 of 5 )

The database is the heart of most web applications: it stores the data needed for the web sites and applications to "survive". It stores user credentials and sensitive financial information. It stores preferences, invoices, payments, inventory data, etc. It is through the combination of a database and web scripting language that we as developers can produce sites that keep clients happy, pay the bills, and most importantly run our businesses.

But what happens when you realize that your critical data may not be safe? What happens when you realize that a new security bug has just been found? Most likely you either patch it or upgrade your database server to a later, bug-free version. Security flaws and patches are found all the time in both databases and programming languages, but I bet 9 out of 10 of you have never heard of SQL injection attacks...?

In this article I will attempt to shed some light on this under-documented attack, explaining what an SQL injection attack is and how you can go about preventing one from occurring within your company. By the end of this article you will be able to identify situations where an SQL injection attack may allow unauthorized persons to penetrate your system. You will also learn ways to fix existing code to prevent an SQL injection attack from occurring.

In this article I will focus specifically on Microsoft SQL Server 2000 and SQL injection attacks, however other databases such as MySQL and Oracle are also vulnerable, so if you're running another database system then you can still use the contents of this article to protect your database.

blog comments powered by Disqus
MYSQL ARTICLES

- MySQL and BLOBs
- Two Lessons in ASP and MySQL
- Lord Of The Strings Part 2
- Lord Of The Strings Part 1
- Importing Data into MySQL with Navicat
- Building a Sustainable Web Site
- Creating An Online Photo Album with PHP and ...
- Creating An Online Photo Album with PHP and ...
- PhpED 3.2 More Features Than You Can Poke ...
- Creating An Online Photo Album with PHP and ...
- Creating An Online Photo Album with PHP and ...
- Security and Sessions in PHP
- Setup Your Personal Reminder System Using PHP
- Create a IP-Country Database Using PERL and ...
- Developing a Dynamic Document Search in PHP ...

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 

Developer Shed Affiliates

 




© 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials