[thelist] RE: [offlist] Need help with a simple regex (Mondayannoyance)

Ken Schaefer Ken at adOpenStatic.com
Tue Apr 5 02:53:59 CDT 2005


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: From: thelist-bounces at lists.evolt.org [mailto:thelist-
: bounces at lists.evolt.org] On Behalf Of Paul Cowan
: Subject: [thelist] RE: [offlist] Need help with a simple regex
: (Mondayannoyance)
: 
: On 5/04/2005 5:10 PM +1000 Ken Schaefer wrote:
: > Could I suggest re-reading the previous thread that was referenced. We
: > covered simple data type checks.
: 
: Cheers Ken, thanks. I've been out of Oz for a few weeks so hadn't seen the
: other thread -- but even so, it's still a point well worth mentioning
: because there are a LOT of people who don't understand SQL injection
: nearly as well as they ought to!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Oh, definitely. Another common gotcha is where you escape string input coming
from the end user. But then you extract the data later and use it in another
query (e.g. when allowing a password reset). And the injection takes place
then.

So, I might store my "old" password as ';UPDATE Users SET UserPassword = ''
WHERE UserName = 'Administrator'

And then you safely escape that and store it in the database as my password.
I then do a password reset, and when your code does something like:

"UPDATE Users SET Password = '" & strNewPassword & "' WHERE UserPassword = '" & strOldPassword & "'"

then you get a bit of a nasty surprise :-)

Cheers
Ken

--
www.adOpenStatic.com/cs/blogs/ken/
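The second-order injection Ken describes, as an added Python/sqlite3 example that is not part of the original message or the list's own code: the attacker's "old" password is escaped once on the way in and stored intact, but the password-reset query later reads it back and concatenates it into new SQL. The reset is shown twice, the concatenated form beside a parameterised form that treats the stored value as data. Table and column names follow the message; the user name "mallory", the admin password "admin-secret" and the use of `executescript` to stand in for a driver that accepts batched statements are constructed assumptions, and the payload drops the message's trailing quote so that the concatenated query parses as two statements.

```python
import sqlite3

# Constructed sample data for the demo (not from the original message).
ATTACKER_USER = "mallory"
# Variant of the payload in the message: the trailing quote is dropped so the
# concatenated reset query below parses as two statements.
ATTACKER_PASSWORD = "';UPDATE Users SET UserPassword = '' WHERE UserName = 'Administrator"


def escape_sql_string(value: str) -> str:
    """Input-time escaping of the kind the message refers to: double each single quote."""
    return value.replace("'", "''")


def setup_db() -> sqlite3.Connection:
    """Build an in-memory Users table with an admin and the attacker's account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, UserPassword TEXT)")
    conn.execute("INSERT INTO Users VALUES ('Administrator', 'admin-secret')")
    # Registration: the password is escaped once and inserted by concatenation.
    # This step really is safe; the literal is stored exactly as typed.
    conn.execute(
        "INSERT INTO Users VALUES ('" + ATTACKER_USER + "', '"
        + escape_sql_string(ATTACKER_PASSWORD) + "')"
    )
    conn.commit()
    return conn


def reset_password_vulnerable(conn: sqlite3.Connection, user: str, new_password: str) -> None:
    """Second-order bug: the stored password is read back and concatenated into
    the next query as if it were still trusted, with no escaping this time."""
    (old_password,) = conn.execute(
        "SELECT UserPassword FROM Users WHERE UserName = ?", (user,)
    ).fetchone()
    sql = ("UPDATE Users SET UserPassword = '" + new_password
           + "' WHERE UserPassword = '" + old_password + "'")
    # executescript runs every statement in the string, mimicking a database
    # driver that accepts batched statements; the injected second UPDATE runs too.
    conn.executescript(sql)


def reset_password_safe(conn: sqlite3.Connection, user: str, new_password: str) -> None:
    """Parameterised version: the stored value is bound as data, never parsed as SQL."""
    (old_password,) = conn.execute(
        "SELECT UserPassword FROM Users WHERE UserName = ?", (user,)
    ).fetchone()
    conn.execute(
        "UPDATE Users SET UserPassword = ? WHERE UserPassword = ?",
        (new_password, old_password),
    )
    conn.commit()


def password_of(conn: sqlite3.Connection, user: str) -> str:
    return conn.execute(
        "SELECT UserPassword FROM Users WHERE UserName = ?", (user,)
    ).fetchone()[0]


def demo() -> dict:
    """Run both reset implementations on identical databases and report the outcome."""
    vuln = setup_db()
    reset_password_vulnerable(vuln, ATTACKER_USER, "newpw")
    safe = setup_db()
    reset_password_safe(safe, ATTACKER_USER, "newpw")
    return {
        "vulnerable_admin_password": password_of(vuln, "Administrator"),  # blanked by injection
        "safe_admin_password": password_of(safe, "Administrator"),        # untouched
        "safe_attacker_password": password_of(safe, ATTACKER_USER),        # reset as intended
    }


if __name__ == "__main__":
    print(demo())
```

The point the demo makes is that escaping is a property of one query, not of the data: once the value sits in the database it is plain text again, and every later query that touches it has to bind it as a parameter (or escape it afresh) rather than rely on the earlier escaping.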

