PaulDotCom mailing list archives

Re: SQL cheat sheat

From: Patrick Laverty <patrick_laverty () brown edu>
Date: Sat, 18 May 2013 22:03:57 -0400

What to tell them: Never trust any input going to your database. (
http://xkcd.com/327/)

For defending, the OWASP cheat sheet is great:
https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet


On Sat, May 18, 2013 at 11:13 AM, Philip Green <pg () givetechback org> wrote:

Hello PaulDotCom mailing list!

I have a group of programmers working on a site and really, I know more
about breaking into stuff than defending.


What do you guys think the most important thing(s) to tell programmers
when they are coding a database to try and prevent SQL injection
attacks occurring?


Any website links would really help as well.


Thanks in advance.


Philip Andrei Green
=)

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

SQL cheat sheat Philip Green (May 18)
- Re: SQL cheat sheat allison nixon (May 20)
- Re: SQL cheat sheat Bill Swearingen (May 20)
- Re: SQL cheat sheat Youssef Rebahi-Gilbert (May 20)
- Re: SQL cheat sheat Jamil Ben Alluch (May 20)
- Re: SQL cheat sheat Leon Jacobs (May 20)
- Re: SQL cheat sheat Matt Konda (May 20)
- Re: SQL cheat sheat Patrick Laverty (May 20)
- Re: SQL cheat sheat Michael Allen (May 20)
- Re: SQL cheat sheat Guillaume Ross (May 21)
- Re: SQL cheat sheat Joel Gunderson (May 22)
- <Possible follow-ups>
- Re: SQL cheat sheat Ty Purcell (May 20)
  - Re: SQL cheat sheat Bruce Barnett (May 20)