
Writing Secure Code by Michael Howard and David LeBlanc


Chapter 12. Database Input Issues

Many applications, especially Web-based applications, store persistent data in databases. In fact, so many Web-based applications and XML Web services use databases that it’s difficult to talk about one without discussing the other. Therefore, in this chapter I’ll discuss database issues primarily with regard to database Web applications. (Chapter 13 will focus on pure Web security issues that have nothing to do with databases but plenty to do with trusting input!) And I’ll focus on one core subject—input trust issues that lead to SQL injection attacks—but before I do, I need to tell you a story.

In November 2001, I presented two papers at the Microsoft Professional Developer’s Conference in Los Angeles. The second ...
