Tip! Do not use SQL Queries in your URL string

Discussion in 'General Web Coding' started by Stephen, Apr 16, 2013.

  1. Stephen

    Stephen US Operations Staff Member

    I am seeing a LOT of SQL Injections in logs, but what is more troubling is seeing how many people have saw SQL Queries in their URL String to pass along to the SQL Server in day to day working websites.

    With this type of url, you are giving an open invitation to have your entire DB trashed, and anything in it exposed, along with any user/passes/emails etc.

    I am working to block SQL injections on servers by URL string, and seeing loads of very badly coded side with major problems in their parameters and URLs.
    Stephen, Apr 16, 2013
    #1

Share This Page

JodoHost - 26,000 hosting end-users in 100 countries
Plesk Web Hosting
Windows Web Hosting$3.95
Linux Web Hosting$3.95
VPS Hosting
Windows VPS Hosting$29.95
Linux VPS Hosting$11.95
H-Sphere Web Hosting
Windows Web Hosting$2.95
Linux Web Hosting$2.95
Windows Semi-dedicated$69.00
Linux Semi-dedicated$59.00
Reseller Web Hosting$18.75
Other Services
SSL Digital Certificates$9.95
Domains Registration$9.95
JodoInstitute - Thousands of IT professionals Trained
Cisco Certification Training
CCNA Routing and Switching v2.0
CCNA Security
CCNP
Security/Ethical Hacking
CompTIA Security+
EC Council CEHv8
EC Council ECSA/LPT
CISA/ CISM/CISSP
Microsoft Cloud Training
MCSA Windows Server 2012
MCSE: Private Cloud
MCSE: Server Infrastructure
MCSE: Desktop Infrastructure
System Center 2012
SCCM 2012
Exchange 2010
Exchange Server
Sharepoint 2010
CompTIA Training
CompTIA Security+
CompTIA Cloud+
CompTIA Storage+