Join
1
1 Comment

Learn what SQL injection is and how to defend against it

by Adrian

Web security 101: Learn how to defend against SQL injection and how to find it!

Protecting Your SaaS Business from a database attack.

blog.getsafesaas.co

Hey IH, here is a blog post on how to defend and understand what SQLinjection is.

Let me know what you think and what would you change or add.

Avatar for Adrian Adrian
submitted this link on February 13, 2023
Say something nice to Adriannn…
Post Comment
  1. 1

    Article is good, but I would phrase this a bit differently.

    To avoid SQL injection attacks, keep the data separate from SQL. So that data stays as data and is not read as commands by the SQL parser:

    • If the code needs a number, change it to a number explicitly
    • If it's a string, use bind parameters
    • If it's an enum, double-check that the value is strictly from the enum
    User Avatar PhpSecure
    ·
    3 years ago
    ·
    Reply
Trending on Indie Hackers
The most underrated distribution channel in SaaS is hiding in your browser toolbar User Avatar 194 comments How are you handling memory and context across AI tools? User Avatar 109 comments I gave 7 AI agents $100 each to build a startup. Here's what happened on Day 1. User Avatar 105 comments Do you actually own what you build? User Avatar 66 comments Code is Cheap, but Scaling AI MVPs is Hard. Let’s Fix Yours. User Avatar 34 comments How to see your entire business on one page User Avatar 29 comments