linux.com — SQL injection attacks can allow hackers to execute arbitrary SQL commands on your database through your Web site. To avoid these attacks, every piece of data supplied by a user on a Web form, through HTTP Post or CGI parameters, or other means, must be validated to not contain information that is not expected. GreenSQL is a firewall for SQL.
Aug 25, 2008
esquilax Aug 26, 2008
Simple and WRONG.
lord2800 Aug 26, 2008
SQLAlchemy fails by being Python-only.
charlietuna Aug 27, 2008
Not utter fail to reject all except a subset of characters. I always use binds, and I limit input to the narrowest set of values such as integers, or a maximum and minimum. There are buffer overflow issues to watch out for too, so strings are really to be avoided if you can instead look up the value (in an array) on the server.
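The approach described in the comment above (binds, narrowly bounded integers, and looking values up in a server-side array), as an added example that is not part of the original thread. The `products` table, its column names, the id range and the input length limit are assumptions made for illustration.

```python
import sqlite3

# Server-side lookup table: the client sends an index, never the string itself.
SORT_COLUMNS = ["name", "price", "created"]  # hypothetical column names
MIN_ID, MAX_ID = 1, 1_000_000                # assumed valid id range


def parse_bounded_int(raw, lo, hi):
    """Accept only a short, plain ASCII decimal integer within [lo, hi]."""
    if not isinstance(raw, str) or len(raw) > 9 or not (raw.isascii() and raw.isdigit()):
        raise ValueError("not a plain integer")
    value = int(raw)
    if not lo <= value <= hi:
        raise ValueError("out of range")
    return value


def find_products(conn, raw_min_id, raw_sort_index):
    min_id = parse_bounded_int(raw_min_id, MIN_ID, MAX_ID)
    sort_idx = parse_bounded_int(raw_sort_index, 0, len(SORT_COLUMNS) - 1)
    # Column names cannot be bound, so the only text placed into the SQL
    # string comes from our own array, selected by a validated index.
    column = SORT_COLUMNS[sort_idx]
    sql = f"SELECT id, name FROM products WHERE id >= ? ORDER BY {column}"
    return conn.execute(sql, (min_id,)).fetchall()  # the value itself is bound


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products "
                 "(id INTEGER PRIMARY KEY, name TEXT, price REAL, created TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?, ?)", [
        (1, "widget", 9.5, "2008-08-01"),   # constructed sample rows
        (2, "anvil", 40.0, "2008-08-02"),
        (3, "gadget", 3.0, "2008-08-03"),
    ])
    accepted = find_products(conn, "2", "1")  # id >= 2, ordered by price
    rejected = []
    # Constructed malformed inputs: trailing SQL, sign, overlong, non-ASCII digit
    for bad in ("2 OR 1=1", "-1", "99999999999", "\uff12"):
        try:
            find_products(conn, bad, "0")
        except ValueError:
            rejected.append(bad)
    return accepted, rejected


if __name__ == "__main__":
    print(demo())
```
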
charlietuna Aug 27, 2008
Cute
upfrontfanatic Sep 1, 2008
There is so much wrong with this article that I don't know where to start. Ah hell. Not even gonna bother. Buried.