CHAPTER7
SQL Injection and Other Injection Attacks
Make no mistake: Many web and web service applications are simply glorified database applications. Programmers interface their web applications to databases via structured query languages such as SQL, OQL, and HQL. Improperly structured queries are a leading cause of exploitation in online applications and are infamously known as SQL injection!
What Is SQL Injection?
SQL injection occurs when untrusted data such as user data from application web pages are added to database queries, materially changing the structure and producing behaviors inconsistent with application design or purpose. Clever ...
Get Iron-Clad Java now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.