Comments on: SQL Injection http://www.sandaru1.com/2006/02/22/sql-injection/ It's how I think! It's how I code! Wed, 09 Jul 2008 03:07:56 +0000 http://wordpress.org/?v=2.5.1 By: cyberhacker665 http://www.sandaru1.com/2006/02/22/sql-injection/#comment-869 cyberhacker665 Wed, 21 Feb 2007 15:03:01 +0000 http://www.sandaru1.com/?p=10#comment-869 thanks i am a noob at php still and i want to start my own cms so this will help :) thanks i am a noob at php still and i want to start my own cms so this will help :)

]]> By: ketan http://www.sandaru1.com/2006/02/22/sql-injection/#comment-333 ketan Fri, 12 Jan 2007 15:10:08 +0000 http://www.sandaru1.com/?p=10#comment-333 i have made login page how would i avoid sql injection i am using ms-sql and i have created web application using asp.net i have made login page how would i avoid sql injection i am using ms-sql and i have created web application using asp.net

]]> By: Tony http://www.sandaru1.com/2006/02/22/sql-injection/#comment-260 Tony Fri, 29 Dec 2006 18:33:01 +0000 http://www.sandaru1.com/?p=10#comment-260 Hi, I think all SQL injection tricks have been patched,I tried out most, but they didnt worked out. So, look on to new and keep publishing. Hi,
I think all SQL injection tricks have been patched,I tried out most, but they didnt worked out. So, look on to new and keep publishing.

]]> By: DevOne http://www.sandaru1.com/2006/02/22/sql-injection/#comment-18 DevOne Wed, 21 Jun 2006 16:40:27 +0000 http://www.sandaru1.com/?p=10#comment-18 Nice article, but too short if you ask me. Maybe you should try expanding it with further examples and so. Nice article, but too short if you ask me. Maybe you should try expanding it with further examples and so.

]]> By: Cakrabirawa http://www.sandaru1.com/2006/02/22/sql-injection/#comment-17 Cakrabirawa Tue, 30 May 2006 16:08:10 +0000 http://www.sandaru1.com/?p=10#comment-17 Good day! Uhm, thanks for the information. But why don't you tell us more injection string? Thanks http://come.to/digitalworks Good day!

Uhm, thanks for the information. But why don’t you tell us more injection string?

Thanks

http://come.to/digitalworks

]]> By: Dave http://www.sandaru1.com/2006/02/22/sql-injection/#comment-4 Dave Fri, 03 Mar 2006 23:43:19 +0000 http://www.sandaru1.com/?p=10#comment-4 Hi Can you tell us anything about php mail injection attacks? More particularly how to stop them! Thank Dave Hi
Can you tell us anything about php mail injection attacks? More particularly how to stop them!
Thank
Dave

]]> By: sandaruwan http://www.sandaru1.com/2006/02/22/sql-injection/#comment-3 sandaruwan Wed, 01 Mar 2006 16:53:35 +0000 http://www.sandaru1.com/?p=10#comment-3 Basically, getting rid of SQL Injection is damn easy. For example in PHP it is just calling addslashes function. So, almost every form is protected againts SQL Injection. You have to find out a vulrenable form to do that. Basically, getting rid of SQL Injection is damn easy. For example in PHP it is just calling addslashes function. So, almost every form is protected againts SQL Injection. You have to find out a vulrenable form to do that.

]]> By: Backspace http://www.sandaru1.com/2006/02/22/sql-injection/#comment-2 Backspace Wed, 01 Mar 2006 09:36:41 +0000 http://www.sandaru1.com/?p=10#comment-2 I hear that they have "patched" the SQL injection "bug" in most systems. I tried it out on a couple of mail servers I know and none of it worked. Would a more complex query solve the problem? Or have they introduced some sort of an intermediate error-checking script?? Thanks for the info. I hear that they have “patched” the SQL injection “bug” in most systems. I tried it out on a couple of mail servers I know and none of it worked. Would a more complex query solve the problem? Or have they introduced some sort of an intermediate error-checking script??

Thanks for the info.

]]>