
Learn what SQL injection is and how to defend against it

Hey IH, here is a blog post on how to defend and understand what SQL injection is.

Let me know what you think and what you would change or add.

submitted this link on February 13, 2023
  1. 1

    Article is good, but I would phrase this a bit differently.

    To avoid SQL injection attacks, keep the data separate from SQL, so that data stays as data and is not read as commands by the SQL parser:

    • If the code needs a number, change it to a number explicitly
    • If it's a string, use bind parameters
    • If it's an enum, double-check that the value is strictly from the enum
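
The three rules from the comment above applied to one query, as an added example that is not part of the original post or comment. It uses Python's `sqlite3` module; the table, its rows and the `find_users` helper are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return db


# Enum rule: column names and keywords cannot be bound as parameters, so the
# caller's value only selects one of these developer-written SQL fragments.
SORT_COLUMNS = {"id": "id", "name": "name"}
SORT_DIRECTIONS = {"asc": "ASC", "desc": "DESC"}


def find_users(db, role, sort_by="id", direction="asc", limit="10"):
    """Return user names for a role; every argument is untrusted input."""
    # Number rule: convert explicitly. int() raises ValueError for anything
    # that is not a number, so SQL text never survives the conversion.
    n = int(limit)
    if not 1 <= n <= 100:
        raise ValueError("limit out of range")

    # Enum rule: reject values that are not strictly in the allowed set.
    if sort_by not in SORT_COLUMNS or direction not in SORT_DIRECTIONS:
        raise ValueError("unsupported sort option")

    # Only the allowlisted fragments are formatted into the statement text.
    sql = (
        "SELECT name FROM users WHERE role = ? "
        f"ORDER BY {SORT_COLUMNS[sort_by]} {SORT_DIRECTIONS[direction]} LIMIT ?"
    )
    # String rule: role is passed as a bind parameter, so quotes inside it
    # are compared as data and never reach the SQL parser as syntax.
    return [row[0] for row in db.execute(sql, (role, n))]
```

A role value containing quote characters simply matches no rows, while a non-numeric limit or an unknown sort column is rejected before any SQL is built.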