SQL Injection
Question
TheGodfather
Hi, how can problems related to SQL injection be solved? I saw that one of the methods would be to use %e instead of %s, as in the example below.
SQL injection:
format(gQuery, sizeof(gQuery), "SELECT * FROM users WHERE `name`='%s' AND `password`='%s' LIMIT 1", GetName(playerid),password);
Without SQL injection:
format(gQuery, sizeof(gQuery), "SELECT * FROM users WHERE `name`='%e' AND `password`='%e' LIMIT 1", GetName(playerid),password);
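What the two specifiers do to the query above, as an added example that is not part of the original post: a Python model that fills the same query raw (`%s`) or escaped (`%e`) and then reads the string literals back the way MySQL would. It assumes `%e` applies MySQL string escaping, as the `%e` specifier of the MySQL plugin's `mysql_format` does; all function names here are hypothetical.

```python
# Model of MySQL string escaping (the characters mysql_real_escape_string handles).
_ESCAPES = {"\0": "\\0", "\n": "\\n", "\r": "\\r", "\\": "\\\\",
            "'": "\\'", '"': '\\"', "\x1a": "\\Z"}
_UNESCAPES = {"0": "\0", "n": "\n", "r": "\r", "Z": "\x1a"}
QUERY = "SELECT * FROM users WHERE `name`='%s' AND `password`='%s' LIMIT 1"
SAMPLE_NAME = "O'Brien"  # constructed input: an ordinary name containing a quote

def escape(value):
    """Assumed behaviour of %e: backslash-escape characters that can end a literal."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build(name, password, escaped):
    """Fill the page's query the way %s (raw) or %e (escaped) would."""
    if escaped:
        name, password = escape(name), escape(password)
    return QUERY % (name, password)

def string_literals(sql):
    """Decode the single-quoted literals in sql; ValueError if one never closes."""
    out, i = [], 0
    while i < len(sql):
        if sql[i] != "'":
            i += 1
            continue
        i, buf = i + 1, []
        while True:
            if i >= len(sql):
                raise ValueError("unterminated string literal")
            ch = sql[i]
            if ch == "\\" and i + 1 < len(sql):   # backslash escape
                buf.append(_UNESCAPES.get(sql[i + 1], sql[i + 1]))
                i += 2
            elif ch == "'" and sql[i + 1:i + 2] == "'":  # doubled quote
                buf.append("'")
                i += 2
            elif ch == "'":                       # closing quote
                i += 1
                break
            else:
                buf.append(ch)
                i += 1
        out.append("".join(buf))
    return out

def stays_data(name, password, escaped):
    """True when the server would see exactly the two intended values."""
    try:
        return string_literals(build(name, password, escaped)) == [name, password]
    except ValueError:
        return False
```

With `%s` the quote in `O'Brien` closes the `name` literal early and the rest of the value is parsed as SQL; with escaping the whole value stays inside one literal.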