0

Hi All,

Can anybody give me some good pointers on cause, effect and workarounds for injection attacks please?

Id really like to know actual commands that people use, where they use them and how to stop them.

Answers on a postcard...............:-)

3
Contributors
3
Replies
4
Views
7 Years
Discussion Span
Last Post by pritaeas
1

To prevent mySQL Injections, we have 2 predefined functions they are

mysql_real_escape_string() - Takes String + connection handler and escapes the string based on the current character set

mysql_escape_string() - Takes String, will not connection handler and will not escapes the string according to the current character set.

I think you understood which one we need to use.

If you want more details, follow the link
http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf

0

ok thats great information, thank you

how exactly do you attack? so i can test for myself?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.