(The general idea of ??anti-sql injection, anti-injection code, and SQL injection attack is: 1. Discover the location of SQL injection; 2. Identify the background database type; 3. Determine the executable status of XP_CMDSHELL; 4. Discover the WEB virtual directory; 5. Upload the ASP Trojan; 6 .Get administrator privileges; in order to avoid injection attacks, the most basic method is to filter keywords. Today, two typical codes are recommended, which can be called in the overall situation or added to each dynamic page.
Generic code to avoid sql injection.doc
This resource is collected by the Open Source Pavilion IT Information Station.)