0

What is SQL injecting???

27th Nov 2017, 2:50 PM
Ashish Kumar
Ashish Kumar - avatar
3 ответов
+ 2
If a website doesn't protect against it, you can use certain inputs that's sending info to a database and post your own code directly into the input box. Then when it gets read, it executes the code, which means you can easily manipulate their database. As such, make sure you always validate inputs and escape special chars so you don't have that issue.
27th Nov 2017, 2:56 PM
AgentSmith
+ 2
As @Netkos Ent indicates, any time you see the word "inject", it means you get to insert "something under your control" into a system that normally does not want that 'feature', causing it to trust your input as part of its internal operations, as if the programmer intended that to happen. This is similar to a class of problems known as arbitrary code execution.
27th Nov 2017, 4:35 PM
Kirk Schafer
Kirk Schafer - avatar
0
SQL injection is a code injection technique that might ruin your database.
27th Nov 2017, 3:49 PM
Andika Romansyah