SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    Froot r gewd SubKamran's Avatar
    Join Date
    May 2002
    Location
    North Star State
    Posts
    597
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    sql injection for mySQL?

    I've heard stories about SQL Injection for SQL Server...is there any for mySQL? I tried doing it, using the '#' as a comment sign, and it just gave me syntax errors...here is what i typed:

    Code:
    ';" DROP TABLE Test #
    But, nothing works...

    So, just in case, if it finds these chars:

    Code:
    #
    --
    '
    ;
    <
    >
    It will redirect them back, before it even checks the database...is that good solution? What could smart people do to get around that?
    "Sometimes little is more."
    Kamran A
    Web Dev/Designer
    Keyboard not found: Please Press F1 to Continue

  2. #2
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Have you read this thread?


    M@rco
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!

  3. #3
    Prolific Blogger silver trophy Technosailor's Avatar
    Join Date
    Jun 2001
    Location
    Before These Crowded Streets
    Posts
    9,446
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ...or this article? Great topic...

    Sketch
    Aaron Brazell
    Technosailor




Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •