PHP Security considerations, a quick reference for the newbies.
Passing RAW globals to mysql! i.e. $sql = "SELECT * FROM users WHERE email='".$_GET['email']."' and password='".$_GET['password']."'"; $result = mysql_query($sql); So what is wrong with the above? SQL INJECTION welcome to a world where …
Let’s get this show on the road
By that, I mean if you leave an opening, some sod will exploit it at the worst possible time. Users should never gain access to any file without proven authentication (except maybe the Login User or Register User views) and never be …

