Pages

Archives

Jailbroken Iphone 2g Lost Connection To Net On Vodafone?Does Anyone Know How To Top Up Someone's Vodafone Phone In Holland From Ireland?Is There A Good Converter For Mod Files To Convert Mod Video?What Is The Difference Between An Unlocked Iphone And A "high Quality" Copy Iphone From China?What Is The Simplest Way To Mod A Wii To Play Dvds?How Do I Get A Sniper Mod For My Halo Demo?What Hardware Stores Sell Glass You Can Have Them Custom Cut For You?Hardware??Sql Injection Help? Http://www.inhumangames.com/lo…How To Auto Login As Root In Linux(fedora Core 8).?How Well Does Avast Antivirus Work For You?How To Hack Email Accounts?How Easy/hard Is It To Hack Gmail, Hotmail, Or Yahoo! Email Without A Password?Why Is Computer Hacking So Open These Days?Can Anyone Tell The Market Segmentation Starategies Of Indian Cellular Players?Which Is The Most Convenient 3g Usb Modem? Vodafone? T-mobile?How Do I Get A Jailbroke 3g Iphone Working For My Gfs Tmobile Account?Question About Sql Injection In Php?Linux Root Login Help!?How To Get Rid Of The Popup For Antivirus Pro 2009?The Phone Co Has Informed Me That There Was An Attempt To Hack Into My Email, What Are They Looking For?Can People On Yahoo Answers Hack Into Your Computer More Easily Since You Have An Account Here?Can You Hack A Psp With The Ac Adapter In While Hacking?Which Mobile Connection Should I Go For?Which Is The Best Gsm Mobile Service In Gujarat?Whats The Difference Between The Regular Apple Iphone And The New Iphone 3g?Help With Sql Injection?Reset Root Password In LinuxWhat Is The Best Antivirus On The Market Today?I Need To Know Is There Any Possibility Of Hacking A Email Password And What Is The Way How To Hack That?Can People Hack Into Your Computer Using Yahoo Chat Rooms Or Messenger?How Do You Feel About Kids Hacking Through Programs Schools Use To Block Websites?Why Does Vodafone Live Keep Coming Up In Plain Text And Not In Full Page, Colour Mode?My Daughters Sony Ericsson W580i On Vodafone Will Not Download Music Station Any Ideas How To Do It?Is There A Way To Sync Your Iphone On A Different Without Erasing Everything?Sql Injection Prevention?How To Recovery Linux Root Passwd? I Forgot The Passwd.?Can Someone Hack A Computer Just With An Ip And Email Address?How Does My Brother Hack My Yahoo Messenger In Less Than A Minute?What Is The Statutes For Federal Hacking Laws?What Is The Name Of The Juno Song On The Vodafone Ad?How Can Get Collection Or Address Verification Agency?How Much Is The Iphone In The Philippines?Sql Injection My Idea?How To Create A Root Partition For Linux Red Hat Installation?What's The Best Website To Download Good Antivirus For Free?On Myspace Does A Hacker Need Your Login Password Or Email To Hack It?Can Somebody Really Hack Your Yahoo Password?What Are Some Of The Good Websites To Learn Networking And Hacking Tricks?What Is The Best Mobile Network In London, Becuase Some Poeple Told Me Vodafone Is The Best,?Why Cannot Make Or Receive Calls? Network Busy Message On Vodafone All The Time?How Can I Get Changes Made To My Iphone Contacts To Update My Yahoo Address Book?Quick Sql Injection Question?Linux Chane Root Password?What Antivirus Programs Do Computer Shops Use?Is It Possible That Someone Hack My Yahoo Id?What Is The Difference Between Hacking A Phones And Unlocking A Phone?How Do I Open A Message At Vodafone Live?Does Anybody Know How To Manually Set Up Inernet Browsing With Vodafone For The Lg Viewty?How Can I Unlock My Unactivated Iphone Without Having To Buy Anything?Privilege Escalation Via Sql Injection?I Can T Make A "root" Login From A Computer To The Linux Computer With Telnet , But I Can Make It With AnotherWhat Is The Best And Longest Lasting Antivirus Software?Is It Legal For Someone To Have Jag/private Attorney Hack Into Personal Email Accounts?Is It Possible For Someone To Hack Their Way In To My Yahoo!id And Pose As Me?How Can It Be That Hacking Causes Problems In A Modern Digital Society?What Are The Internet Setting For Pay As You Talk Vodafone?How Much Do You Really Pay For An Iphone?Does Anyone Know Sql Injection Attacks?What's The Risks Of Running Linux As Root All The Time?What Antivirus - Internet Security Should I Buy For My Wireless Computer?Can Someone Hack Your Youtube And Email Accounts?Can I Hack Into A Yahoo Im As Its Happening?What Are Penalities For Hacking An Email Account?Blackbery Phones. I Am With Vodafone In Spain Now, Will A Blackberry Phone Work?I Need To Unlock A Nokia 6680 Set To Vodafone?What Is The Current Status Of The Iphone 3g Unlock?Sql Injection Invalid Characters?How To Scp As Non-root In Redhat Linux?I Have Symantec Antivirus And It Wont Let Me Connect To Limewire? How Do I Get Access To Limewire On Symantec?If You Had A Degree In Computing Would You Have The Capabilities To Hack Into Email Accounts?How Do I Hack Into A Yahoo Email?How Can I Tell The Seriousness Of My Cat's Hacking Like Cough?Can I Fit An Antenna To My Vodafone Dongle?Is It Possible To Top Up A Friend's Vodafone Uk Phone From Canada?How Can I Transfer My Iphone Contacts To My Computer And Then From A Computer To Another Computer?

Pages

 

May 2009
M T W T F S S
     
 123
45678910
11121314151617
18192021222324
25262728293031

Recent Comments

Google Analysis


0
Unique
Visitors
Powered By
24 May

Any Sql Injection Prevention Methods?

Author: admin  //  Category: SQl Injection

Hello friends, I am making a chat application but I am in a dilemma. Normally in a chat, people can speak of anything using just about any character in the keyboard or any word including words like DELETE * FROM —— etc etc opening way for SQL Injection.
So I was thinking that a good idea is to encode everything that I am getting from user and only then put it in my database and decode it into normal words while I am taking it out. Maybe say using ASCII encoding itself. Like DELETE can be encoded into 686976698469. This way everything that goes into the database is safe.
But I was thinking that if the solution to SQL Injection attacks is so simple then why is it often discussed as a major problem. Am I missing a point here. Please reply

Tags: , ,

One Response to “Any Sql Injection Prevention Methods?”

  1. SomeGuyW Says:
    May 25th, 2009 at 4:37 am

    Because encryption/decryption causes a lot of overhead, mostly.
    Simple techniques (like blocking bad words, escaping quotes) work the best, because they’re the easiest to maintain.
    MySQL offers the best solutions with built-in functions for PHP (mysql_real_escape_string), and magic_quotes. MS SQL requires a little more work - in the end, you want your DB contents to remain readable (what if you lose your encryption key?)

Leave a Reply