
SQL Injection: Database Code Security in Programming

Dynamic SQL (a concatenated SQL string) is a coding practice whereby queries are built in the program and sent to SQL Server for execution. This can allow code to be injected into the dynamic queries, causing damage to the database.

A good alternative is to use parameterized queries, where placeholders are set for the variables. Parameterized queries completely remove the possibility of queries being infected with injected code.

In addition to parameterized queries, it is always a best practice to sanitize the input parameters before using them in queries.

Input data should also be encoded appropriately, especially where dynamic SQL is used, and appropriate encoding should be applied when data is extracted from the database, to avoid cross-site script execution.
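The difference between a concatenated query and a parameterized one, plus encoding on output, as an added example that is not part of the original post. It assumes Python's built-in `sqlite3` as a stand-in for SQL Server; the table, the rows and the function names are constructed for illustration.

```python
import html
import sqlite3


def make_db():
    """Build a constructed in-memory table (SQLite stands in for SQL Server)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, bio TEXT)")
    db.executemany(
        "INSERT INTO users (name, bio) VALUES (?, ?)",
        [("alice", "DBA"), ("bob", "<script>alert(1)</script>"), ("O'Brien", "dev")],
    )
    return db


def find_dynamic(db, name):
    """'Before': dynamic SQL. The input becomes part of the statement text."""
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def find_parameterized(db, name):
    """'After': the placeholder binds the input as a value, never as SQL."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]


def render_bio(db, name):
    """Encode on output: HTML-escape stored data before it reaches a page."""
    row = db.execute("SELECT bio FROM users WHERE name = ?", (name,)).fetchone()
    return "<p>" + html.escape(row[0]) + "</p>" if row else ""


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing a quote
    print(find_dynamic(db, crafted))          # all rows: input was parsed as SQL
    print(find_parameterized(db, crafted))    # no rows: input was compared as data
    print(find_parameterized(db, "O'Brien"))  # a legitimate quote works unchanged
    print(render_bio(db, "bob"))              # markup is shown as text, not run
```

The concatenated version also fails on the legitimate name `O'Brien` with a syntax error, which is a useful signal when reviewing code for dynamic SQL.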


Written by kurinchilamp

