SQL injection, DOT NET Programming

What is SQL injection?

This is a form of attack on a database-driven Web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, or by bypassing the firewall. SQL injection attacks are used to steal information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer that is hosting the database.

SQL injection attacks are typically simple to avoid by ensuring that a system has strong input validation.

As the name suggests, SQL is injected into a query, which can be relatively dangerous for the database.

For example, this is a simple SQL query:

SELECT email, passwd, login_id, full_name
  FROM members
 WHERE email = 'x'

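Now suppose someone does not enter "x" as the input, but instead enters "x" followed by a closing quote and "; DROP TABLE members;". If the application builds the query by inserting that input directly into the SQL text, the SQL that actually executes is:

SELECT email, passwd, login_id, full_name
  FROM members
 WHERE email = 'x' ; DROP TABLE members;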
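The query above, built unsafely and then with a bound parameter, as an added example that is not code from the original page. It uses Python's sqlite3 module with an in-memory database so it runs anywhere; the function names, the sample row and the use of executescript() to stand in for a driver that accepts several statements in one call are assumptions made for the illustration.

```python
import sqlite3

# Constructed input: closes the quoted string, appends a second statement,
# and comments out the quote the application adds afterwards.
HOSTILE = "x'; DROP TABLE members; --"

def new_db():
    """In-memory database holding one constructed sample row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (email, passwd, login_id, full_name)")
    conn.execute("INSERT INTO members VALUES (?, ?, ?, ?)",
                 ("alice@example.com", "not-a-real-hash", "alice", "Alice Example"))
    conn.commit()
    return conn

def table_exists(conn):
    return conn.execute("SELECT 1 FROM sqlite_master WHERE type = 'table' "
                        "AND name = 'members'").fetchone() is not None

def lookup_unsafe(conn, email):
    """Vulnerable: the input is pasted into the SQL text, so it can end the
    string literal and add statements of its own."""
    sql = ("SELECT email, passwd, login_id, full_name FROM members "
           "WHERE email = '" + email + "'")
    conn.executescript(sql)  # assumption: models an API that runs stacked statements
    return sql               # returned so the caller can inspect what was sent

def lookup_safe(conn, email):
    """Hardened: the SQL text is fixed and the input is bound as a value."""
    return conn.execute(
        "SELECT email, passwd, login_id, full_name FROM members WHERE email = ?",
        (email,)).fetchall()

def demo():
    unsafe_db, safe_db = new_db(), new_db()
    sent = lookup_unsafe(unsafe_db, HOSTILE)
    return {
        "sent": sent,
        "unsafe_table_survives": table_exists(unsafe_db),
        "safe_rows": lookup_safe(safe_db, HOSTILE),
        "safe_table_survives": table_exists(safe_db),
        "legit_rows": len(lookup_safe(safe_db, "alice@example.com")),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the bound parameter the hostile string is only compared against the email column, so it matches no row and the table is untouched.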

Posted Date: 9/24/2012 3:22:41 AM | Location : United States






