sanitizing an html form
pulp-girl |
May 13 2008, 11:09 AM
Post
#1
|
Group: Members Posts: 2 Joined: 13-May 08 Member No.: 5,638 |
Our site was hit by a SQL injection. I handle the front end side and would like to know a simple way to restrict characters on an HTML form and a search field. Any help would be great. Thank you!
|
Darin McGrew |
May 13 2008, 11:40 AM
Post
#2
|
WDG Member Group: Root Admin Posts: 8,365 Joined: 4-August 06 From: Mountain View, CA Member No.: 3 |
No client-side script is going to protect you from SQL injection.
|
pulp-girl |
May 14 2008, 09:26 AM
Post
#3
|
Group: Members Posts: 2 Joined: 13-May 08 Member No.: 5,638 |
OK... so is this something that can only be stopped on the SQL database? I'm sorry, I'm really new to all this and was told that the best way to avoid this was to edit my HTML forms and search fields...
:| |
Brian Chandler |
May 14 2008, 11:08 AM
Post
#4
|
Jocular coder Group: Members Posts: 2,460 Joined: 31-August 06 Member No.: 43 |
> OK... so is this something that can only be stopped on the SQL database? I'm sorry, I'm really new to all this and was told that the best way to avoid this was to edit my HTML forms and search fields... :|

Then you were told very definitely wrong. This is a programming problem - and it's a well-known issue, so there should be lots of resources to help.
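Added example, not part of any post in this thread: the server-side fix the replies point to, shown as a search handler that builds its query by string concatenation next to the same handler using a bound parameter. It assumes a Python back end with SQLite (the thread never says what the site runs); the table, the function names and the sample request value are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: two published rows and one that must stay hidden.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (title TEXT, published INTEGER)")
    db.executemany(
        "INSERT INTO articles VALUES (?, ?)",
        [("Forms tutorial", 1), ("Search tips", 1), ("Draft: admin notes", 0)],
    )
    return db

def search_concatenated(db, term):
    # BEFORE: the form value is pasted into the SQL text, so a quote in the
    # value ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT title FROM articles WHERE published = 1 "
           "AND title LIKE '%" + term + "%'")
    return [row[0] for row in db.execute(sql)]

def search_parameterized(db, term):
    # AFTER: the SQL text is fixed; the value is sent separately as a bound
    # parameter and is only ever compared as data.
    sql = ("SELECT title FROM articles WHERE published = 1 "
           "AND title LIKE '%' || ? || '%'")
    return [row[0] for row in db.execute(sql, (term,))]

# Constructed request value. A request can be sent to the server without the
# browser form, so character restrictions in the HTML or JavaScript never run.
CRAFTED = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("normal search:      ", search_concatenated(db, "tips"))
    print("concatenated query: ", search_concatenated(db, CRAFTED))
    print("parameterized query:", search_parameterized(db, CRAFTED))
```

With the concatenated query the constructed value returns every row, including the unpublished one; with the bound parameter it is just a search string that matches nothing.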