PaulDotCom mailing list archives

Re: SQL cheat sheat

From: allison nixon <elsakoo () gmail com>
Date: Sat, 18 May 2013 22:13:21 -0400

parameterize input

if they use php, use pdo

If you aren't sure, take a simple version of the query you're trying to
code, turn on errors, and scan it with SQLmap

On Sat, May 18, 2013 at 11:13 AM, Philip Green <pg () givetechback org> wrote:

Hello PaulDotCom mailing list!

I have a group of programmers working on a site and really, I know more
about breaking into stuff than defending.


What do you guys think the most important thing(s) to tell programmers
when they are coding a database to try and prevent SQL injection
attacks occurring?


Any website links would really help as well.


Thanks in advance.


Philip Andrei Green
=)

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
_________________________________
Note to self: Pillage BEFORE burning.

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

SQL cheat sheat Philip Green (May 18)
- Re: SQL cheat sheat allison nixon (May 20)
- Re: SQL cheat sheat Bill Swearingen (May 20)
- Re: SQL cheat sheat Youssef Rebahi-Gilbert (May 20)
- Re: SQL cheat sheat Jamil Ben Alluch (May 20)
- Re: SQL cheat sheat Leon Jacobs (May 20)
- Re: SQL cheat sheat Matt Konda (May 20)
- Re: SQL cheat sheat Patrick Laverty (May 20)
- Re: SQL cheat sheat Michael Allen (May 20)
- Re: SQL cheat sheat Guillaume Ross (May 21)
- Re: SQL cheat sheat Joel Gunderson (May 22)
- <Possible follow-ups>
- Re: SQL cheat sheat Ty Purcell (May 20)

(Thread continues...)