Skip to content
Skip to main navigation
Skip to first column
Skip to second column

SleepyEgg

Tech News, Deals, & Games

Home

SQL Injection

SQL Injection

Thursday, 07 July 2005 18:57

E-mail

Print

PDF

SQL Injection is an application security hole. It happens when an application uses a string passed by user in SQL statement. Usually, string is passed to web server through HTTP request. For example: String str = request.getParameter("name"); String sqlStr = "select * from account where id=1 and name= "+str; sqlStr could be "select * from account where id=1 and name = kevin"; sqlStr could be "select * from account where id=1 and name = kevin or id = 2";

Bookmark

Google

Yahoo MyWeb

Del.icio.us

Digg

Myspace

Reddit

Ma.gnolia

Technorati

Stumble Upon

Set as favorite

Bookmark

Email This

Comments (0) Add Comment

Add Comment

Subscribe to this comment's feed

Write comment

Show/Hide comment form

You must be logged in to a comment. Please register if you do not have an account yet.

Polls

Which has the best Graphic?

	PC
	Xbox 360
	PS3
	Other

Login