ASP.NET,C#.NET,VB.NET,JQuery,JavaScript,Gridview,SQL Server,Ajax,jQuery Plugins,jQuery UI,SSRS,XML,HTML,jQuery demos,code snippet examples.

Breaking News

Object Oriented Analysis and Design (OOAD)   |    Download, Upload files from SFTP Server in C#   |    What is Bulk Email Service?   |    Secure Sockets Layer (SSL)   |    WCF Interview Questions and Answers   |    Download, Upload,Delete Files from FTP Server Using C#   |    Import CSV File into Database in C#   |    Entity Framework Interview Questions and Answers   |    LINQ Interview Questions with Answers   |    Cookie Authentication In ASP.net Core   |   
  1. Home
  2. sql
  3. What is SQL Injection?

What is SQL Injection?

2017-09-27T02:01:00-07:00
This article describes about the basic overview of SQL Injections and how to protect it?. Summary of the article:
  • SQL Injection
  • How to Prevent SQL Injection?
SQL Injection
SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.
How to Prevent SQL Injection?
For any database application it is necessar to overcome SQL Injection . We can prevent the SQL Injection in the following ways or to prevent SQL Injection we need to do the following things:
  • Use stored procedure (SP)
  • Re-validate data in stored procedures
  • Use parametrized query
  • Use ORM tools (LINQ, NHybernet, LINQ to Entities)
  • Use regular expression to discard input string
  • Encrypt sensitive data
  • Check unwanted character, words (–, ;,  insert, delete, update) in query
  • Access the database using an account with the least privileges necessary
  • Install the database using an account with the least privileges necessary
  • Ensure that error messages give nothing away about the internal architecture of the application or the database
That’s all about SQL Injection.

No comments

Subscribe to: Post Comments ( Atom )