Learn what SQL injection is and how to defend against it

by Adrian

Web security 101: Learn how to defend against SQL injection and how to find it!

Protecting Your SaaS Business from a database attack.

blog.getsafesaas.co

Hey IH, here is a blog post on how to defend and understand what SQLinjection is.

Let me know what you think and what would you change or add.

submitted this link on February 13, 2023

Say something nice to Adriannn…

1
Article is good, but I would phrase this a bit differently.

To avoid SQL injection attacks, keep the data separate from SQL. So that data stays as data and is not read as commands by the SQL parser:
- If the code needs a number, change it to a number explicitly
- If it's a string, use bind parameters
- If it's an enum, double-check that the value is strictly from the enum
PhpSecure

·
3 years ago
·
Reply

Trending on Indie Hackers

I built a text-to-video AI in 30 days.

67 comments What 300 Builders Taught Us at BTS About the Future of App Building

52 comments I built something that helps founders turn user clicks into real change 🌱✨

49 comments From a personal problem to a $1K MRR SaaS tool

32 comments How An Accident Turned Into A Product We’re Launching Today

29 comments I built an Image-to-3D SaaS using Tencent's Hunyuan 3D AI