December 2013
Intermediate to advanced
1872 pages
153h 31m
English
book
Microsoft® SQL Server 2012 Unleashed
by Ray Rankins, Paul T. Bertucci, Chris Gallelli, Alex T. Silverstein
Content preview from Microsoft® SQL Server 2012 Unleashed
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
SQL Injection Is Easy to Do
As we previously stated, SQL injection is the number-one security vulnerability globally as reported and tracked by the Open Web Application Security Project (OWASP; www.owasp.org). Because of this continued vulnerability, we decided to show you how to do SQL injection. However, keep in mind that we are showing you how to do it so that you can prevent this situation from happening to you. You need to make sure you include the vulnerability checks as a part of your coding and design reviews. Then this will never happen to you.
If you have a typical .NET forms application that prompts users to provide filter criteria to locate information, this is often a perfect place for hackers to add their own malicious code to ...