Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re^2: Use PPI to Find SQL Injection Attacks

by Ovid (Cardinal)
on Aug 14, 2007 at 18:58 UTC ( #632570=note: print w/replies, xml ) Need Help??


in reply to Re: Use PPI to Find SQL Injection Attacks
in thread Use PPI to Find SQL Injection Attacks

Excellent points on the SQL. I like the DBI subclass idea. Can you point me to some examples? I've never tried to do anything like that before.

Cheers,
Ovid

New address of my CGI Course.

  • Comment on Re^2: Use PPI to Find SQL Injection Attacks

Replies are listed 'Best First'.
Re^3: Use PPI to Find SQL Injection Attacks
by jZed (Prior) on Aug 14, 2007 at 19:08 UTC
    A minimal DBI subclass can be found here: Interpolate binds into SQL on error - DBI subclassing (possibly not the best example but since I wrote it I knew where to find it :-)). Basically you'd need to redefine execute() to do nothing, and redefine prepare() (in MyDBI::db) to do your injection checking.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://632570]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (8)
As of 2016-12-05 10:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    On a regular basis, I'm most likely to spy upon:













    Results (76 votes). Check out past polls.