Sql injection, DOT NET Programming

What is SQl injection?

This is a Form of attack on the  database-driven Web site in which the attacker executes the unauthorized SQL commands by taking merits of insecure code on a system connected to the Internet, or bypassing the firewall. The SQL injection attacks are always used to steal the information from a database from which the data would normally not be available and/or to gain access to an organization's host computers through the computer which is hosting the database.

The SQL injection attacks typically are simple to avoid by ensuring that a system has strong input validation.

As the name suggest we inject SQL which can be relatively dangerous for the database.

For Example this is a simple SQL

SELECT email, passwd, login_id, full_name

 FROM members

WHERE email = 'x'

Now someone does not put "x" as the input but puts "x ; DROP TABLE members;". So the actual SQL which will execute is :-

SELECT email, passwd, login_id, full_name

 FROM members

 WHERE email = 'x' ; DROP TABLE members;

Posted Date: 9/24/2012 3:22:41 AM | Location : United States







Related Discussions:- Sql injection, Assignment Help, Ask Question on Sql injection, Get Answer, Expert's Help, Sql injection Discussions

Write discussion on Sql injection
Your posts are moderated
Related Questions
I want Web Social Apps/ site Project Description: I need a web designer have a specific unique project in mind.  Skills required are C# Programming, Cocoa, Mac OS, iPhone,

Explain ADO.NET in brief. ADO.NET is a very significant feature of .NET Framework, which is used to work with data that is stored in structured data sources, like databases and

What is the difference between System exceptions and Application exceptions? All exception is derived from Exception Base class. Exceptions are generated programmatically or ca

What are satellite assemblies? We use resource files to store data according to the localized languages. But when you actually go for the deployment you will not like to also i

what is the code for calculator in windowsapplication

I have the working code I''m using to print the SQL table right now. I just need code to print in reverse order.

I need a program that mimics the similar functionality as the link below. Program must have a unique user interface. Must add source code, installer, and of course a nice user i

MAT LAB programming Project Description: i have simulation and i need to simulate the equation in ,and test the all simulation it working with your work program other code sh

What is a delegate? A delegate is similar to a class that is used for storing the reference to a method and invoking that method at runtime, as needed. A delegate can hold the

What is "AutoPostBack" feature in ASP.NET? If we want to control the automatically postback in case of any event, we will need to check the attribute as true. For example on a