Tip! Do not use SQL Queries in your URL string

Discussion in 'General Web Coding' started by Stephen, Apr 16, 2013.

  1. Stephen

    Stephen US Operations Staff Member

    I am seeing a LOT of SQL Injections in logs, but what is more troubling is seeing how many people have SQL Queries in their URL String to pass along to the SQL Server in day to day working websites.

    With this type of URL, you are giving an open invitation to have your entire DB trashed, and anything in it exposed, along with any user/passes/emails etc.

    I am working to block SQL injections on servers by URL string, and seeing loads of very badly coded sites with major problems in their parameters and URLs.
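
An added example, not part of the original post: one way to keep SQL out of the URL is to let the URL carry only a query name and a validated value, with the statement text held server-side and the value bound as a parameter. The handler, table, parameter names and sample rows are assumptions constructed for illustration.

```python
import sqlite3
from urllib.parse import urlsplit, parse_qs

# Statement text lives on the server; the URL can only select one by name.
QUERIES = {
    "product": "SELECT name, price FROM products WHERE id = ?",
}

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)",
                   [(1, "hosting-basic", 4.95), (2, "vps-small", 19.0)])
    return db

def handle(db, url):
    """Hypothetical request handler: returns (http_status, rows)."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    # Accept exactly the expected parameters, each given once. A URL that
    # carries SQL text (for example ?q=SELECT...) is rejected before the DB.
    if set(params) != {"view", "id"} or any(len(v) != 1 for v in params.values()):
        return 400, []
    view, raw_id = params["view"][0], params["id"][0]
    sql = QUERIES.get(view)
    # The id must be a short run of ASCII digits; anything else is refused.
    if sql is None or not (raw_id.isascii() and raw_id.isdigit()) or len(raw_id) > 9:
        return 400, []
    # The value is bound as a parameter, never concatenated into the statement.
    rows = db.execute(sql, (int(raw_id),)).fetchall()
    return (200, rows) if rows else (404, [])

if __name__ == "__main__":
    db = make_db()
    for url in ("/shop?view=product&id=2",          # constructed sample requests
                "/shop?q=SELECT+*+FROM+products",
                "/shop?view=product&id=abc"):
        print(url, "->", handle(db, url))
```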
