I don’t even know why I start on some of these projects..

<?php
class MSSQL {
    private $link;

    public function Connect( $host, $user, $pass ) {
        // Store the connection handle on the object for later calls.
        return( $this->link = mssql_connect( $host, $user, $pass ) );
    }

    public function Disconnect( ) {
        return( mssql_close( $this->link ) );
    }

    public function Select( $database ) {
        return( mssql_select_db( […]

Recently, I stumbled upon a neat little PowerPoint by the guys over at Google, which I think will benefit most of the amateurs out there. Quit staring at this post, and get reading!

Coming from many varying communities, I see a common misconception in how to sanitize data before sending it off to an MSSQL query: sometimes, developers will strip keywords, attempt to escape quotes and backslashes with another backslash, etc. To escape data being sent to a query, all you have to do is escape a single quote […]