Grokking Code

Code exists for a reason.

Cleaning user input for use in SQL statements

Posted by Ryan Grange on January 4, 2008

5 Responses to “Cleaning user input for use in SQL statements”

  1. [...] Thousands of Web Sites January 8, 2008 — Ryan Grange Here we are just 4 days after my earlier post on protecting yourself from SQL injection and we have news about just such an attack affecting tens [...]

  2. [...] Statement Cleaning Functions January 8, 2008 — Ryan Grange As an addendum to my earlier post covering SQL injection, I’m posting here the function in various languages to facilitate its use by as broad a base [...]

  3. Ryan Grange said

    Be sure to also check into the use of “prepared statements” to remove some security concerns as well. (Tip of the hat to Dave for bringing those up.)

  4. [...] on Random Records from SolrRyan Grange on SQL Statement Cleaning Fu…Ryan Grange on Cleaning user input for use in…Ryan Grange on SQL Statement [...]

  5. SewpressWap said

    [The logic puzzle sent by this user has been removed as off-topic, but not spam.]
