Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

ThinkPHP Blog:
SQL injections for dummies - and how to fix them
Sep 15, 2006 @ 08:38:15

On the ThinkPHP Blog, there's a look at how to handle SQL injections, including a video showing how their product, Chorizo handles their discovery in your application.

Well, database operations are bread-and-butter work for most PHP applications. PHP and MySQL, for example, have been like brother and sister for many years. You may have heard about "SQL injections", a bad taste from the outside world of $_GET, $_POST, $_COOKIE and the like.

They mention the obvious - not accepting unfiltered input from users - and how the Chorizo and Morcilla software work to identify and comabt them in an application. You can even check out a Flash video of the process you'd need to take.

tagged: sql injection chorizo morcilla scanner security input filter sql injection chorizo morcilla scanner security input filter

Link: