Information Security

PHP: Escape String Literals for SQL, mysqli::real_escape_string and PDO to Prevent SQL Injection Attacks

To successfully run a query with text data containing single quotes (') as well as other SQL reserved punctuation, and to prevent SQL injection, you will always want to escape the text values before using them in a SQL query. In PHP 4.0, we are stuck with mysql_real_escape_string. With PHP 5.0, mysqli::prepare and mysqli::real_escape_string are …

PHP: Prevent SQL Injection Attacks

SQL injection is a typical code injection attack that exploits weaknesses in an application's database layer. A SQL injection vulnerability is created when one scripting or programming language is embedded in, or used as input to, another without verifying that the input is legitimate or filtering it for potentially dangerous code. SQL injections are possible when input …

Top 25 Most Dangerous Web Programming Errors, Loopholes and Bad Habits

As the Web becomes one of the most fundamental means of communication and information delivery, and as its usage reaches the population-wide level that television had when it prevailed, protecting it has never been so critical. The SANS Institute, in association with the US government and various other weighty contributors, most of whom IT …
