Re: securing web form interaction

Tue, 15 Feb 2005 15:43:43 -0800

Hi Folks


> I usually use placeholders in DBI. Is this enough for avoiding SQL
> injections?

Keywords: Inject, SQL, Oracle

http://online.securityfocus.com/infocus/1644
http://www.nextgenss.com/papers.html
http://www.ngssoftware.com/research/papers.html
http://www.ngssoftware.com/papers/advanced_sql_injection.pdf
http://www.ngssoftware.com/papers/more_advanced_sql_injection.pdf
http://www.esecurityplanet.com/trends/article.php/2243461
http://www.spidynamics.com/papers/SQLInjectionWhitePaper.pdf
http://www.webcohort.com/Blindfolded_SQL_Injection.pdf
http://online.securityfocus.com/infocus/1644
--
Ron Savage
http://savage.net.au/index.html

Reply via email to