Question regarding SQL injection
#8

dcunited08
In that case, I would suggest limiting your allowed characters, searching the database to make sure they are not already in use, whitelisting the allowed characters (regex works great), and giving errors if a character is not allowed. Think of it this way: if you allow more secure passwords but also allow SQL injection, the system is more at risk than if you limit the security of passwords and remove the vulnerability. You can also use [url="http://us3.php.net/mysql_real_escape_string"]mysql_real_escape_string[/url] since you are using MySQL. (Disregard the htmlspecialchars.)
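
The whitelist-and-report-errors check suggested in the post above, as an added example that is not part of the original thread. The allowed character set, the length limits and the function name `whitelist_errors` are assumptions chosen for illustration, and the code assumes PHP 7.4 or later.

```php
<?php
// Added example, not code from the thread. The allowed set and the length
// limits are illustrative assumptions; adjust them to the field being checked.
const ALLOWED_CHARS = 'A-Za-z0-9_.\-';   // body of a regex character class
const MIN_LEN = 3;
const MAX_LEN = 32;

/**
 * Check $value against the whitelist.
 * Returns a list of error messages; an empty list means the value is accepted.
 */
function whitelist_errors(string $value): array
{
    $errors = [];
    $len = strlen($value);
    if ($len < MIN_LEN || $len > MAX_LEN) {
        $errors[] = sprintf('Length must be %d-%d characters.', MIN_LEN, MAX_LEN);
    }
    // Collect every byte outside the whitelist so the error can name it.
    if (preg_match_all('/[^' . ALLOWED_CHARS . ']/', $value, $m)) {
        $shown = array_map(
            // Printable bytes are quoted; anything else is shown as hex.
            fn($c) => ctype_print($c) ? "'$c'" : sprintf('0x%02X', ord($c)),
            array_unique($m[0])
        );
        $errors[] = 'Characters not allowed: ' . implode(' ', $shown);
    }
    return $errors;
}

// Constructed sample inputs: two that pass, four that are rejected.
$samples = ["alice_01", "bob.smith", "o'brien", "name;--", "ab", "tab\there"];
foreach ($samples as $s) {
    $errs = whitelist_errors($s);
    printf("%-14s %s\n", json_encode($s),
        $errs ? 'REJECT: ' . implode(' ', $errs) : 'ok');
}
```

Rejecting the value and reporting the offending characters, rather than silently stripping them, keeps the stored value identical to what the user typed and confirmed.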

