WebApp Sec mailing list archives
Re: PHP for preventing SQL injections?
From: David Bernick <bernz () bernztech org>
Date: Wed, 17 Sep 2003 15:49:10 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lefevre, Steven wrote: | Hey folks - | | Does anyone know of a regexp for checking SQL strings for injection | attempts? decent ones, but not perfect: insert[[:space:]]+into delete( |\n)+from update[[:space:]]+set -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/aLq2zR9WeS6DURURAihcAJ410W7Vee7T0i7/8XB6WfsRSUdy0QCZAQ2C oNP+7slf8v0DgtXgmk/ix6Q= =JmU4 -----END PGP SIGNATURE-----
Current thread:
- PHP for preventing SQL injections? Lefevre, Steven (Sep 16)
- Re: PHP for preventing SQL injections? Security OnLine.tk (Sep 16)
- Re: PHP for preventing SQL injections? wilfrid (Sep 17)
- Re: PHP for preventing SQL injections? cipherz (Sep 17)
- Re: PHP for preventing SQL injections? Harry M (Sep 18)
- Re: PHP for preventing SQL injections? wilfrid (Sep 17)
- Re: PHP for preventing SQL injections? Security OnLine.tk (Sep 16)
- Re: PHP for preventing SQL injections? weigelt (Sep 16)
- Re: PHP for preventing SQL injections? David Bernick (Sep 18)
- <Possible follow-ups>
- RE: PHP for preventing SQL injections? latte (Sep 16)
- Re: PHP for preventing SQL injections? Alex Lambert (Sep 16)
- RE: PHP for preventing SQL injections? Lefevre, Steven (Sep 17)
- Re: PHP for preventing SQL injections? Sverre H. Huseby (Sep 18)
- Re: PHP for preventing SQL injections? Alex Lambert (Sep 16)
- Re: PHP for preventing SQL injections? Gavin Zuchlinski (Sep 17)