ADODB functions injection safe?

Simple Machines Forum

News:

Welcome to the Browser-Base Game Zone forums!

« previous next »

Print

Pages: [1] Go Down

Author Topic: ADODB functions injection safe? (Read 545 times)

Wakish

Level 14
Posts: 111
Reputation: +0/-1

ADODB functions injection safe?

« on: April 05, 2009, 11:49:31 AM »

I need the opinion of those who uses ADODB:
Are simple ADODB functions like Execute() immune to sql injections?

I have tried injecting in my codes, I do find it immune. But I want to confirm this..

Thanks!

Logged

codestryke

Administrator
Level 33
Posts: 589
Reputation: +22/-0

Re: ADODB functions injection safe?

« Reply #1 on: April 05, 2009, 01:46:50 PM »

If you use their parameter ? notation yup it's safe, if not then it's just like writing raw SQL and can be injected.

« Last Edit: April 05, 2009, 06:51:56 PM by codestryke »

Logged

Creating online addictions, one game at a time:

Zeggy

Global Moderator
Level 35
Posts: 1,187
Reputation: +13/-4

Re: ADODB functions injection safe?

« Reply #2 on: April 07, 2009, 02:52:29 AM »

You should still check for variable types/ranges though, small things such as negative numbers can still cause some headaches

Logged

Print

Pages: [1] Go Up

« previous next »

SimplePortal 2.3.3 © 2008-2010, SimplePortal