Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Can someone explain

Options
  • 26-09-2006 9:48pm
    #1
    DrivingInfo
    Closed Accounts Posts: 368 ✭✭


    I asked for opinion on my site yesterday and I don’t understand what this is

    Quote: Also i found some sql statements in your page source.
    How safe can that be giving the tables name away?


Comments

  • Options
    #2
    DonkeyStyle \o/
    Closed Accounts Posts: 7,145 ✭✭✭DonkeyStyle \o/


    SQL statements are supposed to be handled by the server, and aren't relevant to the client\user visiting your site... so if sql statements are appearing in your served pages, then I'd say it's at least untidy, or maybe something isn't working as a result of them being treated as html.

    Allowing people to know the table name would probably make life easier for them if they were able to inject some code... assuming they're able to for starters.


  • Options
    #3
    DrivingInfo
    Closed Accounts Posts: 368 ✭✭DrivingInfo


    Thank you

    Thats the job.....


  • Options
    #4
    vito
    Closed Accounts Posts: 70 ✭✭vito


    If you want to learn more then google 'sql injection'.


  • Options
    #5
    DrivingInfo
    Closed Accounts Posts: 368 ✭✭DrivingInfo


    vito wrote:
    If you want to learn more then google 'sql injection'.

    Will do


Advertisement