Notices tagged with sqlinjection
-
Roland Häder (roland)'s status on Friday, 09-Jan-2015 11:30:01 CET Roland Häder @ignurante It is because of they don't secure input data from $_GET, $_POST and so on which then can be easily inserted into SQL strings causing #SQL-injection or in include commands #remote-inclusion. I use full paths, sprintf() and mysql_real_escape_string() (I know, the MySQL extension is out-dated) to combat those attacks. Plus in addition I use my enhanced edition of #ctracker: https://git.mxchange.org/?p=ctracker.git;a=summary git://git.mxchange.org/ctracker.git -
der (der)'s status on Monday, 03-Nov-2014 12:11:51 CET der #SONY. lernt. es. nicht. http://is.gd/2feMFc #sql-injection #FAIL!