通用的防止sql注入的代码
防sql注入,防注入代码,SQL注入攻击的总体思路是:1.发现SQL注入方位;2.判别后台数据库类型;3.确定XP_CMDSHELL可执行状况4.发现WEB虚拟目录5.上传ASP木马;6.得到管理员权限;为了避免注入攻击,最基本的方法是进行关键词过滤,如今推荐两种典型代码,可以大局调用或加在每个动态页面当中.通用的避免sql注入的代码.doc
本资源由开源阁IT资料站收集。
(The general idea of ??anti-sql injection, anti-injection code, and SQL injection attack is: 1. Discover the location of SQL injection; 2. Identify the background database type; 3. Determine the executable status of XP_CMDSHELL; 4. Discover the WEB virtual directory; 5. Upload the ASP Trojan; 6 .Get administrator privileges; in order to avoid injection attacks, the most basic method is to filter keywords. Today, two typical codes are recommended, which can be called in the overall situation or added to each dynamic page.
Generic code to avoid sql injection.doc
This resource is collected by the Open Source Pavilion IT Information Station.)
页:
[1]