sql-injection

问题 I\'ve been preaching both to my colleagues and here on SO about the goodness of using parameters in SQL queries, especially in .NET applications. I\'ve even gone so far as to promise them as giving immunity against SQL injection attacks. But I\'m starting to wonder if this really is true. Are there any known SQL injection attacks that will be successfull against a parameterized query? Can you for example send a string that causes a buffer overflow on the server? There are of course other

问题 There seems to be some hysteria about SQL Injection attacks. Most recently, here How to return the value in one field based on lookup value in another field If I\'m creating a macro in Excel that connects to an Access database, do I really have to be concerned about SQL injection? It\'s not on the web, it\'s used in my office (you guys remember desktops right?). I\'m not concerned that my co-workers are going to sabotage me. If they\'re smart enough to do a SQL injection, aren\'t they smart

问题 There\'s a comment in another question that says the following: \"When it comes to database queries, always try and use prepared parameterised queries. The mysqli and PDO libraries support this. This is infinitely safer than using escaping functions such as mysql_real_escape_string.\" Source So, what i want to ask is: Why are prepared parameterized queries more secure? 回答1: An important point that I think people here are missing is that with a database that supports parameterized queries,

问题 Some people believe that mysql_real_escape_string() has some flaws and cannot protect your query even when properly used. Bringing some fossilized articles as a proof. So, the question is: is mysql[i]_real escape_string() totally unacceptable? Or is it\'s still possible to use this function to create your own kind of prepared statements? With proofcode, please. 回答1: From the MySQL’s C API function mysql_real_escape_string description: If you need to change the character set of the connection,

问题 Is it possible to prevent SQL injections in Node.js (preferably with a module) in the same way that PHP had Prepared Statements that protected against them. If so, how? If not, what are some examples that might bypass the code I\'ve provided (see below). Some Context: I\'m making a web application with a back-end stack consisting of Node.js + MySql using the node-mysql module. From a usability perspective, the module is great, but it has not yet implemented something akin to PHP\'s Prepared

问题 This question already has an answer here: How can I add user-supplied input to an SQL statement? 2 answers I have to program an application management system for my OJT company. The front end will be done in C# and the back end in SQL. Now I have never done a project of this scope before; in school we had only basic lessons about SQL. Somehow our teacher completely failed to discuss SQL injections, something which I have only now come in contact with by reading about it on the net. So anyway

问题 I have done pretty much reading and still don\'t understand 100% how some of the SQL injections happen! I\'d like to see, from those who know, concrete examples of SQL injection based on my example, so it could be replicated, tested and fixed. I have tried to SQL inject my code and couldn\'t, so I\'d like someone to prove me otherwise! 1.Am I right that SQL injection can happen ONLY with POST or GET methods, meaning that on the website it should be the post form, e.g. \'signup or search\' or

问题 In PHP, I know that mysql_real_escape is much safer than using addslashes . However, I could not find an example of a situation where addslashes would let an SQL Injection happen. Can anyone give some examples? 回答1: Well, here's the article you want. Basically, the way the attack works is by getting addslashes() to put a backslash in the middle of a multibyte character such that the backslash loses its meaning by being part of a valid multibyte sequence. The general caveat from the article:

问题 I realize that parameterized SQL queries is the optimal way to sanitize user input when building queries that contain user input, but I\'m wondering what is wrong with taking user input and escaping any single quotes and surrounding the whole string with single quotes. Here\'s the code: sSanitizedInput = \"\'\" & Replace(sInput, \"\'\", \"\'\'\") & \"\'\" Any single-quote the user enters is replaced with double single-quotes, which eliminates the users ability to end the string, so anything

问题 I\'m trying to put some anti sql injection in place in java and am finding it very difficult to work with the the \"replaceAll\" string function. Ultimately I need a function that will convert any existing \\ to \\\\ , any \" to \\\" , any \' to \\\' , and any \\n to \\\\n so that when the string is evaluated by MySQL SQL injections will be blocked. I\'ve jacked up some code I was working with and all the \\\\\\\\\\\\\\\\\\\\\\ in the function are making my eyes go nuts. If anyone happens to