Answer Posted / srikant dwibedi
SQL injection is the process of passing SQL code into an
application in a way that was not intended by the
application developer, or it is a strategy for attacking
databases.
Example
An ASP page asks the user for a name and a password.
SELECT * FROM users WHERE username="whatever" AND password="mypassword".
It seems safe, but it is not. A user might enter something
like this 'OR 1>0....
When this is plugged into the SQL statement, the result
looks like this:
SELECT * FROM users WHERE username="OR 1>0 " AND password=" ";
This injection comments out the password portion of the
statement. It results in a list of all the names in the
users table. So any user could get into your system.
| Is This Answer Correct ? | 3 Yes | 2 No |