
Learn what SQL injection is and how to defend against it

Hey IH, here is a blog post on how to defend and understand what SQL injection is.

Let me know what you think and what you would change or add.

submitted this link on February 13, 2023
  1. 1

    Article is good, but I would phrase this a bit differently.

    To avoid SQL injection attacks, keep the data separate from SQL, so that data stays as data and is not read as commands by the SQL parser:

    • If the code needs a number, change it to a number explicitly
    • If it's a string, use bind parameters
    • If it's an enum, double-check that the value is strictly from the enum
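
The three rules from the comment above, applied in one query function. This is an added example, not code from the linked article or the commenter; the `orders` table, the `SortBy` enum, the function names and the sample rows are constructed for illustration.

```python
import sqlite3
from enum import Enum


class SortBy(Enum):  # hypothetical enum: the only columns a caller may sort by
    CREATED = "created_at"
    TOTAL = "total"


def make_db():
    """Build an in-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, "
        "total INTEGER, created_at TEXT)"
    )
    conn.executemany(
        "INSERT INTO orders (customer, total, created_at) VALUES (?, ?, ?)",
        [("alice", 120, "2023-01-05"), ("alice", 40, "2023-02-01"),
         ("O'Brien", 75, "2023-01-20"), ("bob", 300, "2023-01-11")],
    )
    return conn


def find_orders(conn, customer, min_total, sort_by):
    """Return (customer, total) rows; every input stays data, never SQL text."""
    # Number: convert explicitly. Anything that is not an integer raises ValueError.
    min_total = int(min_total)
    # Enum: the value must be a member of SortBy, otherwise ValueError.
    # Column names cannot be bound, so only this vetted constant is interpolated.
    column = SortBy(sort_by).value
    # String: passed as a bind parameter, so quotes in it are never parsed as SQL.
    sql = (
        "SELECT customer, total FROM orders "
        f"WHERE customer = ? AND total >= ? ORDER BY {column}"
    )
    return conn.execute(sql, (customer, min_total)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(find_orders(db, "O'Brien", "0", "total"))
    print(find_orders(db, "alice' OR '1'='1", 0, "created_at"))
```

The `ORDER BY` column is the case bind parameters cannot cover, which is why the enum check exists alongside them rather than instead of them.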