
Learn what SQL injection is and how to defend against it

Hey IH, here is a blog post on how to defend and understand what SQL injection is.

Let me know what you think and what you would change or add.

submitted this link on February 13, 2023
  1. 1

    Article is good, but I would phrase this a bit differently.

    To avoid SQL injection attacks, keep the data separate from SQL, so that data stays as data and is not read as commands by the SQL parser:

    • If the code needs a number, change it to a number explicitly
    • If it's a string, use bind parameters
    • If it's an enum, double-check that the value is strictly from the enum
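
The three rules from the comment above, as an added example that is not code from the linked article or from the commenter. It uses Python's built-in `sqlite3`; the table, its columns and the names `make_db` and `list_users` are assumptions made for illustration, and the rows are constructed sample data.

```python
import sqlite3

def make_db():
    # Constructed sample data for this example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")],
    )
    return db

# Column names and sort direction cannot be passed as bind parameters,
# so they are treated as enums and checked against fixed allow-lists.
SORT_COLUMNS = {"id", "name"}
SORT_DIRECTIONS = {"asc": "ASC", "desc": "DESC"}

def list_users(db, role, min_id, sort_by="id", direction="asc"):
    # Number: convert explicitly. int() raises ValueError for anything
    # that is not a plain integer, e.g. "1 OR 1=1".
    min_id = int(min_id)

    # Enum: accept the value only if it is strictly one of the known ones.
    if sort_by not in SORT_COLUMNS or direction not in SORT_DIRECTIONS:
        raise ValueError("unsupported sort option")

    # String: bind parameters (?) keep the value out of the SQL text,
    # so the parser never sees it as part of the statement.
    sql = (
        "SELECT id, name FROM users WHERE role = ? AND id >= ? "
        f"ORDER BY {sort_by} {SORT_DIRECTIONS[direction]}"
    )
    return db.execute(sql, (role, min_id)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print(list_users(db, "user", "2", "name", "desc"))
    # A value containing quotes is compared as a literal string: no rows match.
    print(list_users(db, "user' OR '1'='1", 0))
```

Only the allow-listed column name and direction are ever formatted into the statement; everything that comes from the caller as a value goes through the parameter tuple.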