Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re^2: Use PPI to Find SQL Injection Attacks

by Ovid (Cardinal)
on Aug 14, 2007 at 18:58 UTC ( #632570=note: print w/ replies, xml ) Need Help??


in reply to Re: Use PPI to Find SQL Injection Attacks
in thread Use PPI to Find SQL Injection Attacks

Excellent points on the SQL. I like the DBI subclass idea. Can you point me to some examples? I've never tried to do anything like that before.

Cheers,
Ovid

New address of my CGI Course.


Comment on Re^2: Use PPI to Find SQL Injection Attacks
Re^3: Use PPI to Find SQL Injection Attacks
by jZed (Prior) on Aug 14, 2007 at 19:08 UTC
    A minimal DBI subclass can be found here: Interpolate binds into SQL on error - DBI subclassing (possibly not the best example but since I wrote it I knew where to find it :-)). Basically you'd need to redefine execute() to do nothing, and redefine prepare() (in MyDBI::db) to do your injection checking.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://632570]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (4)
As of 2014-11-29 09:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My preferred Perl binaries come from:














    Results (204 votes), past polls