Join
1
1 Comment

Learn what SQL injection is and how to defend against it

by Adrian

Web security 101: Learn how to defend against SQL injection and how to find it!

Protecting Your SaaS Business from a database attack.

blog.getsafesaas.co

Hey IH, here is a blog post on how to defend and understand what SQLinjection is.

Let me know what you think and what would you change or add.

Avatar for Adrian Adrian
submitted this link on February 13, 2023
Say something nice to Adriannn…
Post Comment
  1. 1

    Article is good, but I would phrase this a bit differently.

    To avoid SQL injection attacks, keep the data separate from SQL. So that data stays as data and is not read as commands by the SQL parser:

    • If the code needs a number, change it to a number explicitly
    • If it's a string, use bind parameters
    • If it's an enum, double-check that the value is strictly from the enum
    User Avatar PhpSecure
    ·
    3 years ago
    ·
    Reply
Trending on Indie Hackers
Priorities for launching a SaaS solo, with no budget User Avatar 104 comments Three Days Before Launch, I Let My Own Tool Tear Me Apart User Avatar 37 comments I thought I was building a news visualization tool. Users thought it was a catch-up tool. User Avatar 34 comments I Rejected a $15K Acquisition Offer for My Multi-Agent IDE — Here's the Full Breakdown User Avatar 28 comments 5 Books, Make Smarter User Avatar 8 comments Launched Lemonvite on Product Hunt today: $5 per event, no ads, no subscription. User Avatar 2 comments