Welcome to SleepyEgg Tech News and Coupon Deals!
SQL Injection
Written by Sleepy Egg   
Thursday, 07 July 2005
SQL injection is an application security hole. It happens when an application uses a string passed by the user in an SQL statement. Usually, the string is passed to the web server through an HTTP request. For example:

    // user-controlled value taken straight from the HTTP request
    String str = request.getParameter("name");
    // the value is concatenated into the statement text
    String sqlStr = "select * from account where id=1 and name= " + str;

sqlStr could be "select * from account where id=1 and name = kevin".

sqlStr could also be "select * from account where id=1 and name = kevin or id = 2", in which case the user's input has added a condition of its own to the WHERE clause.
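The same concatenation next to a bound-parameter query, as an added example that is not code from the original article, written with Python's sqlite3 so it runs offline. The table contents, the function names and the single quotes around the name value are assumptions; the second input is the article's "or id = 2" case adapted to those quotes.

```python
import sqlite3

# Constructed sample data: two accounts in an in-memory database.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("create table account (id integer primary key, name text)")
    conn.executemany("insert into account values (?, ?)",
                     [(1, "kevin"), (2, "alice")])
    return conn

def build_concat_sql(name):
    # Vulnerable pattern from the article: the request value becomes
    # part of the statement text itself.
    return "select * from account where id=1 and name = '" + name + "'"

def lookup_concat(conn, name):
    return conn.execute(build_concat_sql(name)).fetchall()

def lookup_bound(conn, name):
    # Hardened form: the statement text is fixed and the value is bound
    # as data, so it can only ever be compared against the name column.
    sql = "select * from account where id=1 and name = ?"
    return conn.execute(sql, (name,)).fetchall()

# Constructed inputs: an ordinary value and one carrying an extra condition.
BENIGN = "kevin"
INJECTED = "kevin' or id = '2"

if __name__ == "__main__":
    db = make_db()
    for value in (BENIGN, INJECTED):
        print("input       :", value)
        print("concat sql  :", build_concat_sql(value))
        print("concat rows :", lookup_concat(db, value))
        print("bound rows  :", lookup_bound(db, value))
        print()
```

With the bound query the second input matches no row, because the whole string is treated as a name rather than as SQL.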

