Hi,
Is there anyone in this group that has a simple script to check for SQL
injection attacks?
In the theory I was thinking about to check $_POST and $_GET if they contain
specific substrings that could be used in an attempt. Maybe to loop thru
all set values and see if they contain DELETE
On Thu, August 3, 2006 2:32 am, Peter Lauri wrote:
Is there anyone in this group that has a simple script to check for
SQL
injection attacks?
http://php.net/mysql_real_escape_string
should cover this, no?
Another option is to use a query mechanism based on prepared
statements rather than raw
2 matches
Mail list logo