Protecting yourself from sql injection » zulutime

2 years ago, at the end of March

Protecting yourself from sql injection

Posted by pbirnie under technology

use bind variables
restrict the rights of your web apps database user - no more rights than necessary (ie. no drop/create)
in production mode, when a sql error occurs, only show a message such as "an error occured" - not the full sql that was executed

No Responses to “ Protecting yourself from sql injection ”

Comments:

Leave a Reply

Archived Entry
- Post Date :
- Sunday, Mar 28th, 2010 at 12:07 pm
- Category :
- technology
- Do More :
- You can leave a response, or trackback from your own site.

February 2012

M T W T F S S

« Feb

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29
Pages:
- About Me
Categories:
- life (1)
- technology (107)
- Uncategorized (6)
Search:
Meta