1. Get rid of all advertisements and get unlimited access to documents by upgrading to Premium Membership. Upgrade to Premium Now and also get a Premium Badge!

need some help to learn SQL Injection

Discussion in 'SQL PL/SQL' started by ssankars, Nov 3, 2011.

  1. ssankars

    ssankars Premium Member

    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    110
    Location:
    Hyderabad
    I want to learn SQL Injection .Can anybody help me out for this.

    Thanks,
    Sidharth
     
  2. zargon

    zargon Community Moderator Forum Guru

    Messages:
    2,346
    Likes Received:
    347
    Trophy Points:
    1,430
    Location:
    Aurora, CO
    Why do you want to learn such a destructive act?
     
  3. ssankars

    ssankars Premium Member

    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    110
    Location:
    Hyderabad
    Hi David,

    Thanks for your reply...

    I want to learn this act (SQL Injection) so that i can protect my codes from SQL Injection attack.

    Thanks,
    Sidharth
     
  4. Sadik

    Sadik Community Moderator Forum Guru

    Messages:
    1,906
    Likes Received:
    252
    Trophy Points:
    1,455
    Sidharth my friend. "SQL injection" is highly dependent on how the application executes sql queries and it is dependent on how the application is written. It's not a standalone programming technique you can learn. In it's simplest form, it means writing a query in the frontend of an application where user input is expected. If the user input is not properly "sanitized" by the application before executing it in a query, the application can inadvertently end up executing the statement which was entered on the front end.

    Almost all modern programming languages have functions to clean user input data which are called upon receiving the input. One particularly vulnerable area of any application is the search frontend as the search input is almost always passed to the database for querying of some sort.
     
    ssankars likes this.