Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Why not use this to help prevent SQL injection?
#1
Why don't we just add "--" to the end of our queries to prevent basic SQL injection?
Reply
#2
Who's code?
Reply
#3
When the magic_quotes_gpc variable is off, it prevents some SQL attacks also.
Someone with no history is nothing but suspicious.
Reply
#4
(04-29-2011, 02:19 PM)Solidus Wrote: Who's code?

No one in particular. If you add -- to then end of your query, and injection attempts like " 'OR 1=1" will just be read as a comment.
Reply
#5
It's the most basic of all injections. I don't think you'll find a script that is vulnerable to that.
Reply
#6
This section is so dead... Well I think it could work in some cases...
[Image: just-cause-2-header.jpg]
Reply
#7
(05-05-2011, 11:18 AM)iCrack Wrote: This section is so dead... Well I think it could work in some cases...

I agree. It's a good section though. I don't know why it's so dead.
Reply
#8
(05-05-2011, 06:22 PM)harris21 Wrote: I agree. It's a good section though. I don't know why it's so dead.

All the coding sections are dead. I don't know why. Does no one program on here?
Someone with no history is nothing but suspicious.
Reply
#9
(05-06-2011, 07:33 AM)eax Wrote: All the coding sections are dead. I don't know why. Does no one program on here?

Well, i do programm a lot lately. We just need some more programmers here Tongue
Reply
#10
SupportForums doesn't have many posts a day at the moment.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  how to open a 750 mb database,sql file? etc 17 7,458 08-21-2011, 03:57 AM
Last Post: AceInfinity
  Help: SQL without phpmyadmin? nevets04 7 3,659 12-30-2009, 11:47 AM
Last Post: wat
  SQL Interacting with Form Cppsean 3 1,647 10-19-2009, 12:21 PM
Last Post: Omniscient

Forum Jump:


Users browsing this thread: 1 Guest(s)